'Google Chrome Critical Error Red Screen' Scam

The 'Google Chrome Critical Error Red Screen' scam (also known as 'Google Chrome Critical ERROR' Pop-Ups) is an online tactic whose purpose is to collect money from its victims by making them pay for non-existent or useless services and software. The tactic is executed by presenting users with a bogus pop-up window that may cause their Web browser to malfunction, leaving them with the impression that there is something wrong with their systems. According to the contents of the messages that the 'Google Chrome Critical Error Red Screen' scam uses, the users have become the target of hackers, and there was an attempt to collect their credentials, conversations and payment details. Thankfully, these statements are fake, and you can rest assured that Web browser pop-ups are an unreliable source of information about your...

Posted on September 19, 2019 in Adware

MobiHok RAT

Smartphones have become an unavoidable part of our lives, and we often rely on them to store sensitive information, private photos, or even to complete financial transactions. This is why it is not a surprise that cybercriminals are paying more and more attention to the security holes in Android devices, and they also focus on developing hacking tools that are compatible with Android. One of the latest entries in the long list of Android-compatible malware is called ‘MobiHok RAT.’ This Remote Access Trojan is currently being sold on hacking forums, and its author is also using YouTube and Facebook to advertise the features that this malicious application has.

A Copycat of the SpyNote RAT being Sold Online

Malware researchers who examined a sample of the MobiHok RAT (also known as MobeRat), report that it shares a lot of...

Posted on September 18, 2019 in Remote Administration Tools

Hermes837 Ransomware

Seeing the ‘.hermes837’ extension added to some of your files is a sure sign that your computer has been infiltrated by the Hermes837 Ransomware, a dangerous file-locker that has the ability to leave the majority of your files in an encrypted state. Threats like this one are exceptionally dangerous since they are meant to cause long-term damage that cannot be undone by running an anti-virus tool and removing the source of the problem. The only way to restore the files locked by the Hermes837 Ransomware is to use a decryption tool paired with the unique decryption key that the ransomware generated for you. Unfortunately, that key is stored only on the server of the Hermes837 Ransomware’s operators, and they are not willing to part with it for free.

The Hermes837 Ransomware Targets Popular File Formats

Threats like this one are often...

Posted on September 18, 2019 in Ransomware

Koko Ransomware

Dealing with the consequences of a Koko Ransomware attack can be a very challenging task due to this threat’s ability to encrypt files and make their contents inaccessible. Reverting the encryption is impossible without acquiring the unique decryption key that the Koko Ransomware uses for each victim. Unfortunately, this key piece of information is stored on the server of the threat’s operators, and they will not give it away unless they receive fair Bitcoin compensation.

The Koko Ransomware may be Spread via Fake Emails and Downloads

The Koko Ransomware’s authors may use several propagation channels to ensure that their threatening application will reach as many users as possible – phishing emails with bogus attachments, pirated software, fake downloads or fake software updates and patches. The Internet is full of potentially harmful...

Posted on September 18, 2019 in Ransomware

PyLock Ransomware

Ransomware attacks can be very devastating if you do not have an up-to-date backup copy of your files. This kind of malware has the ability to encrypt a large portion of your files in a matter of minutes, and then begin to extort you for money by offering to sell you a decryptor in exchange for Bitcoin. An example of such a piece of ransomware is the PyLock Ransomware, a newly discovered file-encryption Trojan that may have already managed to get to computers in different countries.

The PyLock Ransomware is Swift and Threatening

The typical propagation channels used to spread the PyLock Ransomware are fake downloads, torrent trackers, bogus email attachments, etc. You should stay away from suspicious content like that and always use a reputable anti-virus tool to scan the files coming from unknown sources. If you fail to stop the...

Posted on September 18, 2019 in Ransomware

Ordinypt Wiper

In the past decade, cybercriminals have used cyber threats to generate profit for themselves almost exclusively – they use malware that can extort the victim for money, collect their financial details, gather cryptocurrency wallets, or even harvest the computer’s power to mine for various cryptocurrencies. However, it appears that there are still groups of hackers who opt to rely on malware that is purely destructive – this is the exact case with Ordinypt Wiper, a piece of malware capable of damaging a large number of files in a matter of minutes. Attacks with the Ordinypt Wiper are targeted at German users and companies exclusively, and its authors still attempt to make some money despite being unable to help their victims at all.

German Users are Again the Targets of a Data Wiper

The first reports from victims of the Ordinypt Wiper...

Posted on September 17, 2019 in Malware

Skidmap

Cryptojacking campaigns have been one of the leading trends in the world of cybercrime and, as expected, the cybercriminals are beginning to introduce more advanced crypto mining malware that can evade sandboxes, persist after removal, and even disguise its presence on the victim’s machine. One other notable thing about crypto-mining malware is that it is certainly not targeted only at Windows computers – many of the malware families go for Linux-based systems, and this is the case with Skidmap.

Cryptocurrency Mining Malware Continues to Evolve

Skidmap is a newly discovered malware family whose primary purpose is to deploy a pre-configured cryptocurrency miner malware that generates Monero coins for the attackers. While this is the typical thing you would expect to see from a cryptojacking project, there is a lot more packed in...

Posted on September 17, 2019 in Malware

InnfiRAT

Remote Access Trojans (RATs) are among the most versatile tools in the arsenal of cybercriminals. They are usually loaded with tons of features and provide their operators with the ability to take complete control over the victim’s machine. In addition to this, they also support modules to execute specific operations that allow the attacker to collect particular files or data from the infected machine. InnfiRAT is one of the new RAT projects to be spotted in the wild, and it appears to have special modules dedicated to collecting cryptocurrency wallets and cookies from the victim’s machine. Of course, it also packs many of the other features you would expect to see in a Remote Access Trojan.

InnfiRAT may be a Private Hacking Tool

Often, software like this is being sold on hacking forums, but we are yet to encounter any advertisements...

Posted on September 17, 2019 in Remote Administration Tools

Mac Cleanup Pro

There are several complaints on the official Apple forums by users who were targeted by advertisements that promote the Mac Cleanup Pro, an optimization utility that claims to provide users with the ability to clean their Mac devices and optimize their performance and health. However, there is a catch – the users did not see online advertisements. Instead, the pop-ups they saw offering the full version of the Mac Cleanup Pro were triggered by the trial version of the Mac Cleanup Pro they had on their computer. Many of the users report that they did not recall installing this application, so it is possible that it might have used social engineering tricks or misleading instructions to get there. It is not unusual for Potentially Unwanted Programs (PUPs) like the Mac Cleanup Pro to be spread via software bundling. A Useless...

Posted on September 17, 2019 in Potentially Unwanted Programs

WiryJMPer Dropper

Cybersecurity experts have detected a new Trojan dropper in the wild. It goes by the name ‘WiryJMPer’ and, so far, it has been used to deliver one particular malware strain, the NetWire RAT. The purpose of Trojan Droppers is to deliver an embedded payload and assist it when it comes to evading sandboxes and anti-virus engines. Malware developers tend to use a wide range of tricks to increase their Trojan Dropper’s odds of beating the security tools their target may use – in the case of the WiryJMPer Dropper, the corrupted file is loaded with junk code, as well as with useless functions that iterate through random sections of the code without doing anything meaningful.

A Basic Dropper Being Used to Deliver a Threatening Remote Access Tool

Despite being able to stay hidden from the eyes of malware researchers for at least a few...

Posted on September 16, 2019 in Trojans

WatchBog

The activity of the WatchBog has been monitored closely for the past year, and it appears that its operators are certainly not dormant. So far, the WatchBog botnet has been used to mine for Monero exclusively. As usual, the task is completed by planting a covert cryptocurrency miner on the compromised host, and then loading a configuration file with the wallet address, mining pool and miner settings. Naturally, the victim is kept in the dark, and all of the generated Monero coins get transferred to the attacker’s wallet. A recent update to the WatchBog botnet did not go unnoticed by security experts, and it appears that the criminals behind the project are planning to expand their operation by looking for new victims via the BlueKeep Windows vulnerability.

A CPU-Intensive Cryptocurrency Miner may Cause Performance Issues

What would be...

Posted on September 16, 2019 in Botnets

Mac Ads Cleaner

Every Internet user loves the idea of getting rid of the advertisements that they keep seeing online, especially since many of them contain irrelevant content. However, you can rest assured that the Mac Ads Cleaner is one of the utilities that will not help you with this problem, despite what its name claims. This software is available for all OSX devices, and it is advertised as an all-in-one privacy protector, advertisements cleaner, and malware removal application. If you think this seems to be too good to be true, then you have the correct idea – the helpfulness of the Mac Ads Cleaner is questionable, at best, and it is important to note that many reputable Mac security tools report this software as a Potentially Unwanted Program (PUP). The official Apple forums have several threads regarding the Mac Ads Cleaner, and all of their...

Posted on September 16, 2019 in Potentially Unwanted Programs

AwayTab

Users often experiment with different Web browser extensions that offer interesting and quirky features. If you are a person of this type, then you might have encountered AwayTab, a Google Chrome add-on, which promises to provide its users with attractive vacation offers whenever they open a new tab page. This may sound great at first, but you should not forget that the installation of AwayTab will prevent you from using a helpful new tab page. Instead, you will always be welcomed by a random vacation spot that is accompanied by offers to book a hotel or buy plane tickets. In general, browser add-ons that apply changes to the browser’s configuration are frowned upon, and AwayTab is not an exception. Many security applications will advise AwayTab’s immediate removal. Another thing that users of AwayTab should know is that the...

Posted on September 16, 2019 in Adware

PutLocker Ads

Many users search online for websites where they can watch their favorite TV shows or movies for free. However, Web pages that host such media and offer it free of charge are making their money by other, shadier means. This is the case with the PutLocker streaming service. Just like most dodgy websites, which offer pirated content, the PutLocker page works with a network of dubious advertisers. Such advertisers often push low-quality products or useless services. They also tend to promote other shady websites, which would sometimes be hosting adult entertainment, gambling, fake giveaways, etc. The PutLocker page tends to promote a few types of dodgy offers, which one should keep an eye out for and avoid at all costs: Promotion of dubious applications. Dodgy gambling platforms. Fake technical support services, which use social...

Posted on September 13, 2019 in Adware

Movies123 Ads

People who do not like paying for legal streaming services often end up either looking to download the media they are after illicitly or searching for Web pages that offer to stream pirated content for free. However, as it is said, there is no free lunch. Websites that host pirated media tend to work with a whole network of other dodgy actors, mainly dubious advertisers who will try to sell you all sorts of shady products and subscriptions. A common trick used by dodgy websites like the Movies123 page is to try and trick the user into giving them permission to display browser notifications. Many legitimate websites ask for permission to send browser notifications, but their goal is to provide users with breaking news, latest gossip, or newest sales. These notifications are usually desired by the user and therefore, are not considered...

Posted on September 13, 2019 in Adware