Top Security News

Beware of Michael Jackson One Year Death Anniversary Spam Email

To celebrate the life and legacy of one of the greatest entertainers of our time, fans around the world will once again be searching for their favorite Michael Jackson song and paying tribute to the King of Pop as we approach his one-year death anniversary. After the death of Michael Jackson on...

Warning: Menacing BlackHole Exploit Kit Targeting Windows PCs Now Available to Hackers for Free

Christmas has come early for novice hackers and criminals looking to get their share of the scam operatives flooding the Internet after someone publicly set free not one but two dangerous malware tools in just under 30 days. Once available as a password-protected archive, the Zeus malware kit and...

Hackers Attack Citibank Pilfering over 200,000 Credit Card Customers' Personal Data

While more news on Rep. Anthony Weiner's (D-N.Y.) online sex scandal continues to appear, another hacking incident has occurred: this time, hackers broke into Citibank's computers, stealing account numbers, names and contact information. Citibank, one of the four biggest banks in the USA, discovered a data...

Top Articles

RobinHood Ransomware

The RobinHood Ransomware (RobbinHood Ransomware or RobbinHood File Extension Ransomware) is a ransomware Trojan that is used to harass computer users under the pretext of raising awareness and funds for the people of Yemen. In fact, there is no evidence to support the theory that the creators of the RobinHood Ransomware have altruistic motives. It is likelier that the con artists are using the RobinHood Ransomware to profit in the same way that the creators of most encryption ransomware Trojans do today. However, the ransom demand in the case of the RobinHood Ransomware is extremely elevated, making it very unlikely that any individual PC users will pay the RobinHood Ransomware ransom in case of an attack. Take preventive measures against ransomware Trojans like the RobinHood Ransomware, which are becoming increasingly common. Yemen...

Posted on August 4, 2017 in Ransomware

WannaCryptor or WanaCrypt0r Ransomware

The WanaCrypt0r Ransomware is an encryption Trojan that features a worm-like attack tactic. The WanaCrypt0r Ransomware is recognized as one of the most threatening and widespread encryption Trojans up until May 12th, 2017. The WanaCrypt0r Ransomware managed to compromise hundreds of thousands of systems across one hundred and forty countries on its first release to the real world. The brunt of the attack was taken by PC users in Russia and the National Healthcare System in Great Britain. The Trojan managed to block access to most of the computers connected to the National Healthcare System, and nearly 70% of the cases that involve the WanaCrypt0r Ransomware are recorded in Russia....

Posted on March 29, 2017 in Ransomware

Ryuk Ransomware

The Ryuk Ransomware is a data encryption Trojan that was identified on August 13th, 2018. It appears that private companies and healthcare institutions have been compromised with the Ryuk Ransomware. Threat actors were reported to have infected organizations in the USA and Germany. Initial analysis suggests the threat was injected into systems through compromised RDP accounts, but it is possible that there is a parallel spam campaign that carries the threat payload as macro-enabled DOCX and PDF files. General Facts and Attribution: Ryuk Ransomware appeared in the middle of August 2018 with several well-planned targeted attacks against major organizations worldwide, encrypting data on infected PCs and networks and demanding the payment of a ransom in exchange for a decryptor tool. Ryuk does not demonstrate extremely advanced technical skills,...

Posted on August 23, 2018 in Ransomware

More Articles

PureLocker Ransomware

One of the ultimate ransomware threats to be detected by cybersecurity researchers is the PureLocker Ransomware. It is likely that the PureLocker Ransomware is available to be rented as a ransomware-as-a-service tool. This makes it far more threatening as we can never know how many shady individuals have gotten their hands on the PureLocker Ransomware and are propagating it. Thankfully, the authors of the PureLocker Ransomware have set the price rather high, so not many criminals will be able to afford the substantial sum. Impressive Self-Preservation Techniques: The PureLocker Ransomware is written in a programming language called PureBasic. The PureBasic programming language allows a threat to be very flexible since malware written in this language can be reworked to be executed on systems running Windows, OSX and Linux. The fact that...

Posted on November 13, 2019 in Ransomware

Peet Ransomware

The most active ransomware family in 2019 has undoubtedly been the STOP Ransomware family, with numerous variants of this file-locking Trojan popping up. One of the newest copies of the STOP Ransomware family that was spotted by malware researchers is called the Peet Ransomware. Propagation and Encryption: The infection triggers utilized in the spreading of the Peet Ransomware have not yet been revealed. Some cybersecurity experts believe that among the propagation methods used in the Peet Ransomware campaign may be spam emails containing infected attachments, bogus application updates, and fake pirated copies of popular software tools. Upon infiltrating a system, the Peet Ransomware will start a scan whose aim is to locate all the files that fit the ransomware threat's criteria. Like most threats of this type, the Peet Ransomware...

Posted on November 13, 2019 in Ransomware

Dharma-Ninja Ransomware

Ransomware threats are undoubtedly among the most popular malware types nowadays. There are ransomware-builder kits, which have made the creation of ransomware threats exceptionally easy and have thus lowered the entry bar, allowing an ever-growing number of cybercriminals to create and propagate this kind of malware. One of the newest spotted ransomware threats is called the Dharma-Ninja Ransomware. The Dharma-Ninja Ransomware is a variant of the very popular Dharma Ransomware. Propagation and Encryption: It is not known exactly how the Dharma-Ninja Ransomware is being spread. Some researchers believe that the authors of the Dharma-Ninja Ransomware may be using mass spam email campaigns, fake software updates, and bogus pirated variants of legitimate applications to propagate this nasty file-locking Trojan. The Dharma-Ninja Ransomware...

Posted on November 13, 2019 in Ransomware

JesusCrypt Ransomware

A brand-new file-encrypting Trojan has been spotted in the wild. Its name is JesusCrypt Ransomware. Once malware researchers came across the JesusCrypt Ransomware, they made sure to dissect the threat. What they discovered is that this ransomware threat is an unfinished project with some ‘good’ potential. Cybersecurity experts speculate that this may be a variant of the HiddenTear Ransomware, but this is yet to be confirmed. Propagation and Encryption: It is not clear what propagation methods the attackers are using to spread the JesusCrypt Ransomware. The most commonly used infection vector is spam emails. These emails often contain a fraudulent message riddled with social engineering tricks whose sole purpose is to lure the user into opening the attached file. The message may make it seem like this is an important and yet completely...

Posted on November 13, 2019 in Ransomware

Send-news.net

You might have stumbled upon the Send-news.net website if you were looking for illicit free streams or pages hosting other shady content whose operators have been paid to promote the dodgy site. Send-news.net is a dubious Web page whose goal is to get the user to allow the site to send browser notifications. This is not to say that browser notifications are always a pest. Legitimate websites offer to send browser notifications that can be of great help to users. However, this is not what happens with Send-news.net. Instead, this shady website will attempt to promote low-quality products and dodgy services, effectively turning browser notifications into constant pop-up advertisements, which will surely disrupt your browsing. Uses Social Engineering Tricks: The Send-news.net site uses several social engineering tricks to get the user...

Posted on November 13, 2019 in Browser Hijackers

Glimpse

Glimpse is a newly uncovered hacking tool that is believed to be the creation of the OilRig group. This hacking group is also known as APT34 (Advanced Persistent Threat) and originates from Iran. Malware researchers have been familiar with the OilRig hacking group for a while, and they are known to be highly skilled and very threatening. The Glimpse malware is built in a very interesting fashion. The Glimpse threat uses the DNS protocol instead of utilizing the usual, and rather noisy, FTP or HTTP connections. However, despite this significantly reducing the noise of the harmful operation, it has some significant negative sides too. The use of the DNS protocol greatly hinders the capabilities of the Glimpse threat. The reason behind this is that this method only supports certain characters and has a limited quantity of data that can be...

Posted on November 12, 2019 in Malware

Octopus Ransomware

A growing number of file-locking Trojans is being spotted daily as more and more cybercriminals dip their toes in the opportunities that ransomware threats offer. If one uses a ransomware building kit or borrows the code of an already established threat of this kind, it can be fairly easy to create a data-encrypting Trojan. This has greatly lowered the entry bar for cyber crooks and made ransomware threats wildly popular. One of the latest spotted ransomware threats is called the Octopus Ransomware. The Octopus Ransomware is a variant of the nefarious Phobos Ransomware. Propagation and Encryption: The propagation method behind the Octopus Ransomware is yet to be revealed. Some researchers speculate that the attackers may have used the most common technique of spreading file-locking Trojans – spam email campaigns. This involves the...

Posted on November 12, 2019 in Ransomware

Kr Ransomware

The Kr Ransomware is one of the newest ransomware threats that have been spotted lurking on the Web. When researchers uncovered the Kr Ransomware, they studied the threat only to find out that this is yet another copy of the infamous Dharma Ransomware. It is likely that the Dharma Ransomware family has been the second most active ransomware family in the whole of 2019. Propagation and Encryption: It is not known what infection vectors have been utilized in the propagation of the Kr Ransomware. Some experts believe that the creators of the Kr Ransomware may be using mass spam email campaigns, alongside torrent trackers, fake application updates, and bogus pirated copies of legitimate software tools. When the Kr Ransomware manages to infiltrate a host successfully, it will first scan all the data present on the system....

Posted on November 12, 2019 in Ransomware

ExtraList

ExtraList is a Mac OS application that can be classified as a PUP (Potentially Unwanted Program). While the ExtraList application will not actively harm your computer, it may reduce your browsing quality. This application is marketed as a tool that will help users get better and more relevant results when using a search engine. However, this is certainly not the case, and the ExtraList application will instead tamper with the settings of your browser to ensure that it sets up a different new tab page, or that you use a search engine other than your default one. Instead of bettering the search results, the ExtraList application will likely irritate you and deliver low-quality search results. Lowers the Quality of Search Results: The ExtraList application will likely promote advertisements that are not only irrelevant but may be...

Posted on November 12, 2019 in Malware

Titanium

The Platinum APT (Advanced Persistent Threat) has remained active ever since it was first spotted back in 2009. The hacking group appears to operate mainly in the Asia-Pacific region, and it seems to target political organizations and high-ranking officials in the area. This is why cybersecurity researchers believe that a government in the region may be funding the operations of the Platinum APT, although this remains speculation at the moment. Makes Sure to Remain under the Radar of Security Tools: The Platinum hacking group has recently released a new tool named Titanium. The Titanium malware is a complex backdoor Trojan, which has a long list of capabilities. The Titanium Trojan’s self-preservation capabilities are impressive as this threat can detect malware debugging environments, anti-malware tools, and various security...

Posted on November 11, 2019 in Backdoors

NACHOCHEESE

The most notorious hacking group originating from North Korea is called APT38 (Advanced Persistent Threat). They are also known under the alias Lazarus and have been active for quite a while. The APT38 hacking group is known to be working for the North Korean government, and their efforts are concentrated on furthering North Korean interests globally. Most hacking groups who are hired by governments tend to operate in a rather conservative manner and make sure they do not cause unnecessary harm to the target’s system. However, the APT38 group takes no interest in such precautions and can sometimes fully destroy an infiltrated system that is not of importance to it. Some of the members of APT38 are even wanted by the United States’ FBI. Takes over the Command-Line of the System: The NACHOCHEESE threat is a part of the APT38’s...

Posted on November 11, 2019 in Malware

Bundesliga-streams.net

The Bundesliga-streams.net website does not host any unsafe content, but it is a shady page that should be avoided. Users who come across the Bundesliga-streams.net page were likely looking for illicit streams of football (soccer) games from the German football league called the Bundesliga. We recommend that you not visit websites like Bundesliga-streams.net as they are hosting illicit content and often have malvertising present on their page. These malvertising campaigns tend to promote low-quality products and dodgy or fake services. Uses Social Engineering Tricks: The Bundesliga-streams.net site, much like many other shady pages, is likely to use a variety of social engineering techniques to manipulate the actions of the user. Among them can be: The users may be asked to download and install a fake codec pack or media player if...

Posted on November 11, 2019 in Browser Hijackers

Nvram Ransomware

The Nvram Ransomware is a newly uncovered file-encrypting Trojan. Upon spotting this brand-new ransomware threat, malware researchers dissected it only to find that this is yet another variant of the popular Dharma Ransomware. The Dharma Ransomware family has been very active in 2019, and it would seem that cyber crooks continue to make new copies of this notorious data-locking Trojan. Propagation and Encryption: The propagation methods used in the Nvram Ransomware campaign are not yet known. However, some malware researchers speculate that the authors of the Nvram Ransomware may be utilizing spam emails containing corrupted attachments, bogus application updates, and fake pirated copies of popular software tools. The Nvram Ransomware targets file types that are likely to be present on any regular user’s computer, such as .mp3, .mp4,...

Posted on November 11, 2019 in Ransomware

Deal Ransomware

Cybersecurity researchers keep spotting more and more ransomware threats lurking on the Web. Among the most recent data-locking Trojans is the Deal Ransomware. When experts studied this threat, it quickly became evident that this is another variant of the infamous Phobos Ransomware. Ransomware threats are seen as a relatively safe method of generating some quick cash on the backs of innocent users, and it is likely that this trend will not die out any time soon. Propagation and Encryption: It has not yet been divulged what the infection vectors utilized in the spreading of the Deal Ransomware are. Some suppose that the attackers may be using spam emails to propagate this Trojan. Such emails often contain a corrupted attachment, which, once opened, would hijack the targeted system. To induce the user to launch the attached files, the...

Posted on November 11, 2019 in Ransomware

AIR Ransomware

The AIR Ransomware is a brand-new ransomware threat that emerged at the beginning of November. Once malware experts spotted the harmful activity of the AIR Ransomware, they studied the threat and found that it is a variant of the Major Ransomware. Many cyber crooks base their file-locking Trojans on already established ransomware threats, as this is much less time-consuming than building a threat from scratch. Propagation and Encryption: The propagation method used in the spreading of the AIR Ransomware is not known yet. Often, cybercriminals utilize spam email campaigns, bogus application updates, fake pirated variants of popular software tools, and torrent trackers, among many other propagation methods. The AIR Ransomware goes after a large variety of file types. Threats of this class make sure to cause as much damage as possible,...

Posted on November 8, 2019 in Ransomware