Fmovies Ads

The Fmovies website is a streaming platform hosting pirated content such as TV shows and movies. In itself, the Fmovies page is not unsafe and is not hosting threatening content either. However, the possession and viewing of pirated movies and TV shows is illicit, and we strongly advise you to keep your distance from such content. Like most streaming services that host pirated content, the Fmovies page contains dodgy advertisements. Since the website itself is hosting illicit content, the advertisers it works with are also very shady, to say the least. Users of the Fmovies website will be bombarded with advertisements and pop-ups marketing all sorts of dubious products and services such as bogus giveaways, adult cam shows, gambling sites, etc. Needless to say, it is best to stay away from these advertisements as you may end...

Posted on September 10, 2019 in Adware

Joker

There is a new Android malware that has been plaguing Android users worldwide. Its name is Joker, and so far, it is likely that this threat has infiltrated over 450,000 Android devices. The Joker malware is being propagated on the official Google Play Store under the disguise of 24 different bogus applications. However, this is not the first instance of threatening applications being hosted on the Google Play Store, which has been struggling with this issue for years.

European and East Asian Regions Most Affected

Once the developers at the Google Play Store caught a whiff of the Joker malware, they made sure to remove the applications that were linked to this threat. However, bearing in mind the large number of devices that were already infected with the Joker malware, this threat may still be present on hundreds of thousands of...

Posted on September 9, 2019 in Malware

Glupteba

The Glupteba Trojan is a threat that has been known to malware researchers for a while. In previous campaigns, it appeared that the main purpose of the Glupteba Trojan was to infect as many devices as it can and use them to build a botnet. Usually, botnets are used for crypto mining operations, DDoS (Distributed-Denial-of-Service) attacks, and to be rented out as a service to other shady actors online. However, the Glupteba Trojan has recently made a comeback, and its activity appears to be spiking. The Glupteba malware has returned in the shape of a Trojan dropper, which can not only serve as a gateway for more threats to be planted on the host but can also allow its operators to get almost complete control over the infected machine.

Propagation Method

The latest Glupteba variant is propagated via a malvertising campaign that is likely to...

Posted on September 9, 2019 in Trojans

Barak Ransomware

Cybersecurity researchers spot new ransomware threats on a daily basis. An increasing number of people with questionable morals are taking up the 'business' of ransomware as it is widely believed that it is an easy way to get some quick cash. Among the newest uncovered data-locking Trojans is the Barak Ransomware.

Infection and Encryption

Upon discovering and studying the Barak Ransomware, malware researchers concluded that it is a variant of the Phobos Ransomware. The propagation methods employed in the spreading of the Barak Ransomware are still unknown. Some malware experts speculate that the creators of the Barak Ransomware may be using mass spam email campaigns, fake software updates, and pirated bogus variants of popular applications as infection vectors to spread this nasty threat. Once the Barak Ransomware infects a host...

Posted on September 9, 2019 in Ransomware

Erenahen Ransomware

Cybersecurity researchers are struggling to keep up with all the new file-encrypting Trojans that are popping up on a daily basis. It appears that the 'business' of ransomware threats is thriving and the entry barrier is very low as even shady actors with little to no experience can create a data-locking Trojan by simply borrowing the code of an already established ransomware threat and altering it slightly.

Infection and Encryption

This appears to be the case of the file-encrypting Trojan in question today – the Erenahen Ransomware. When malware researchers studied this threat, they discovered that it might belong to the GlobeImposter Ransomware family. If the Erenahen Ransomware infiltrates your machine, it will start the attack by performing a brief scan of the data. The objective is to determine the locations of the files, which...

Posted on September 9, 2019 in Ransomware

Moka Ransomware

Moka Ransomware has been discovered to be a vicious malware threat that comes out of the Djvu family of ransomware. Such a family of ransomware is well-known for its aggressiveness in encrypting files on infected systems and making demands for the PC users to pay a substantial ransom fee of around $1,000 to restore the encrypted files. The name of Moka Ransomware comes from the file extension used to append to all files that it encrypts, which is .moka. While each encrypted file is easily identified, they cannot be accessed unless one pays the $1,000 ransom to decrypt the files. However, those affected by Moka Ransomware can first remove the Moka Ransomware threat and then seek a system backup to restore individual files that the threat initially encrypted.

Posted on September 6, 2019 in Ransomware

Vault Ransomware

Vault Ransomware belongs to a newer family of malware that offers detailed instructions for remedying its attack. Vault Ransomware is still very dangerous, though, and is known to provide decryption methods for those who end up with the Vault Ransomware infection on their system. Upon installation of Vault Ransomware, which may primarily come from opening spam email attachments, the threat will lock up a system and make claims of decrypting data. Vault Ransomware will then offer to decrypt files if the PC user makes a ransom payment, which will then return specific instructions for supposedly restoring the encrypted files. Instead of paying up a ransom and following its provided decryption instructions, PC users affected by Vault Ransomware will want to first take appropriate action to remove Vault Ransomware from their system and then...

Posted on September 6, 2019 in Ransomware

Novideo.me

The Novideo.me web page is a questionable site that acts as a browser hijacker, where the loading of Novideo.me may take place automatically due to the installation of random add-on files. The Novideo.me site may offer a video that explains the removal of malware or other deceptive files using a trojan killer application. Computer users should avoid this at all costs or they could risk installing additional malware. Browser hijackers like Novideo.me may be loaded when PC users download and install random freeware apps or programs that come bundled with other add-ons. Upon loading of Novideo.me and its associated files, a web browser application may be taken over to automatically load Novideo.me as a default home page or new tab page. Stopping such an action will require the detection and removal of all Novideo.me files or components that...

Posted on September 6, 2019 in Browser Hijackers

Carambis Cleaner

Carambis Cleaner is an application that appears to offer system cleaning of a PC for those who wish to find and remove threats and performance hindering files. While Carambis Cleaner looks to offer system cleaning features, it is mostly misleading and may not complete its promised functions. At best, Carambis Cleaner is questionable and therefore has been deemed as a potentially unwanted program (PUP). As a PUP, Carambis Cleaner may have difficulties being uninstalled. In such cases, PC users may utilize an antimalware resource to automatically detect all files associated with Carambis Cleaner and eliminate them along with removal of the Carambis Cleaner application. The uses of Carambis Cleaner are not clear, and most will want to eliminate the program from their system to stop a series of unwanted alert messages and pop-ups that may...

Posted on September 6, 2019 in Potentially Unwanted Programs

Astaroth Malware Moves in on Cloudflare Workers to Evade Detection

In recent news, a published report about the spread of Astaroth, a fileless malware that plagued users, attracted the attention of the internet security community. This threat ran system tools in a complex attack chain that used no executables to perform its actions in secret. After the published report, the group behind the Astaroth campaign decided to change their tactics. Specifically, they moved on to using Cloudflare Workers to continue their campaign while attempting to dodge detection. The process was done in several stages, as explained below.

Stage One

The actors behind the campaign began their work by using a classic social engineering scheme. What...

Posted on September 5, 2019 in Computer Security

Group Ransomware

Ransomware threats keep emerging daily, and malware researchers are struggling to keep up with all the new data-locking Trojans that keep popping up. Even shady individuals with little to no experience in the field of cyber crime can develop and distribute their own ransomware threats if they borrow the code of already well-established file-encrypting Trojans and only tweak it a little bit.

Propagation and Encryption

This is precisely the case of the Group Ransomware. Once malware experts spotted this threat, they made sure to dissect it, only to reveal that this is a variant of the popular Dharma Ransomware. They have not been able to confirm what the exact infection vectors employed in the propagation of the Group Ransomware are. Some believe that the likely propagation methods used in the spreading of this ransomware threat may be...

Posted on September 5, 2019 in Ransomware

RYK Ransomware

An increasing number of cyber crooks try their luck in the field of ransomware. Often, ransomware threats are seen as a quick and easy way to get some cash with few repercussions.

Propagation and Encryption

Very recently, malware experts uncovered yet another file-encrypting Trojan lurking in the shadows of the Web. Its name is the RYK Ransomware. Upon further inspection, the RYK Ransomware was revealed to be a variant of the Ryuk Ransomware. It is likely that the operators of the RYK Ransomware are using some of the most common methods of spreading threats of this type – spam emails containing macro-laced attachments, fake application updates, and bogus pirated copies of popular software. If the RYK Ransomware manages to infiltrate your PC successfully, it will start the attack by scanning the files present on the system. This is done...

Posted on September 5, 2019 in Ransomware

Ostap

Recently, cybersecurity researchers spotted the activity of a JavaScript-based Trojan Downloader called the Ostap Downloader. This Trojan downloader appears to have been used to propagate the Trickbot malware. The Ostap Trojan Downloader is capable of detecting and avoiding any anti-virus tools and services which may be present on the compromised system. It is also meant to examine the infected PC and collect information. If the Ostap Downloader is satisfied with the data collected, it will proceed with the attack by establishing a connection with the C&C (Command & Control) server of its operators. The Ostap Trojan Downloader will then proceed to grab the malicious payload it is meant to distribute from the attackers' C&C server and deploy it on the compromised machine. So far, it appears that the Ostap Downloader has only been used in...

Posted on September 5, 2019 in Trojans

TxHollower

There is a certain type of malware, called Trojan Loaders, which have their code so obfuscated that they manage to bypass the security checks of many anti-malware tools. On their own, Trojan Loaders do not possess any malicious features, but they are used as a backdoor through which the attackers can plant much more dangerous threats on the compromised host. Trojan Loaders are fairly similar to another type of threat – the Trojan Downloaders. However, Trojan Downloaders tend to download the malicious payload that is meant to be planted on the host from a remote server, while the Trojan Loaders carry the payload themselves.

Uses Doppelgänging and Hollowing Techniques

Recently, malware researchers spotted a new Trojan Loader named TxHollower. There are reports that the TxHollower Trojan Loader has already been employed in several...

Posted on September 5, 2019 in Trojans

Gaming Cheaters Hit by Data-Stealing Baldr Malware Threat

A big problem in the gaming industry that affects both players and gaming companies is cheating, especially when it happens in multi-player games where cheating offers an easy way to acquire an advantage over the opponents. Various cheating tools are currently available on the market, and as they have become extremely popular among gamers, malware creators have identified a new niche for spreading malicious applications. A new malware threat called Baldr made it onto the scene in early 2019, stealing gaming account passwords and sensitive user details. Most likely, it has been transmitted by cheating software promoted on YouTube. Videos advertising cheats for gamers on YouTube are...

Posted on September 5, 2019 in Computer Security