‘Access To Your Computer Has Been Restricted’ Pop-ups

The 'Access To Your Computer Has Been Restricted' pop-up windows in your browser that may look like a BSOD error report are not to be trusted. The 'Access To Your Computer Has Been Restricted' pop-up windows are generated on untrusted pages that might cause browser crashes and continuous reloading of the page. The sites associated with the 'Access To Your Computer Has Been Restricted' alerts are designed to cause rendering problems for users and simulate a "critical system condition" situation. The 'Access To Your Computer Has Been Restricted' alerts are not legitimate reports from Windows OS and Microsoft Corp. The 'Access To Your Computer Has Been Restricted' messages are meant to scare users into calling a computer support specialist who is supposedly a certified expert employed by Microsoft. The text on the 'Access To Your Computer...

Posted on June 26, 2017 in Adware

Kryptonite Ransomware

The Kryptonite Ransomware is a file encoder program that was discovered by malware researchers while doing an analysis of suspicious samples that were submitted to an online security platform. At the time of writing, the Kryptonite Ransomware appears to be a work-in-progress project that may be inspired by the fictional gem kryptonite from the Superman comics published by DC Comics. The Kryptonite Ransomware is seen to change the desktop background of machines to an image that has a gem colored in green and the text 'KRYPTONITE' as well as a ransom message. Fortunately, the Kryptonite Ransomware has not been officially released yet. You should have time to add a backup solution and a trusted anti-malware shield to your system before the work on the Kryptonite Ransomware is complete. Malware analysts suspect that the authors of the...

Posted on June 26, 2017 in Ransomware

PSCrypt Ransomware

The PSCrypt Ransomware is an encryption Trojan that surfaced with reports from computer security researchers in the last week of June 2017. The PSCrypt Ransomware Trojan is distributed to users via spam emails loaded with a macro-enabled Microsoft Word file. The document may be presented to users as an invoice, an order confirmation or a message from a friend on a social media service. Either way, the file acts as an installer that includes a script which is loaded in Windows and issues commands that result in the installation of the PSCrypt Ransomware. A closer look at the code of the PSCrypt Ransomware revealed that the threat was recorded in December 2016 under the name Globe Imposter Ransomware. Evidently, the authors of the Globe Imposter Ransomware have made a step away from the Globe Ransomware franchise and wish to give rise to...

Posted on June 26, 2017 in Ransomware

VINDOWS DEFENDOR Ransomware

The VINDOWS DEFENDOR Ransomware is a Screen Locker Trojan that demands a payment of 500 USD from the user to return access to the desktop. Computer security researchers reported the release of the VINDOWS DEFENDOR Ransomware in the last week of June 2017. The threat is believed to be based on the Levis Locker Ransomware considering both threats behave the same way and include the photo of the media creator LewissTechYT. Additionally, the VINDOWS DEFENDOR Ransomware sports a nearly identical message to the one we have seen with Levis Locker. PC users are advised to avoid spam emails and ask for confirmation when they are invited to run an insecure script inside Microsoft Word documents. Cyber security experts reported that the VINDOWS DEFENDOR Ransomware is designed to make an entry in the MSCONFIG panel and run on the next system boot...

Posted on June 26, 2017 in Ransomware

QuakeWay Ransomware

The QuakeWay Ransomware is a file encoder Trojan that is written in the AutoIt programming language. Initial threat analysis showed that the QuakeWay Ransomware is used in attacks on regular PC users. You might be prompted to download an invoice and order confirmation form when browsing spam emails. The spam emails related to the QuakeWay Ransomware are reported to include a macro-enabled document which includes a script responsible for installing the QuakeWay Ransomware on the primary system disk. The QuakeWay Ransomware is classified as a mid-tier crypto malware that is ranked among threats like Schwerer Ransomware and UltraLocker Ransomware. The QuakeWay Ransomware does not differ from the majority of file encoder Trojans on the market. The program is designed to scan the infected PC for available data storage units, make a list of...

Posted on June 26, 2017 in Ransomware

Windows 10 S Isn’t Immune to Ransomware Despite ‘Streamlined’ Security and Performance

In a blog post from June 8, Microsoft's Malware Protection Center (MMPC) wrote about how catastrophic the effects of a widespread ransomware infection can be. In the wake of the horrific WannaCry outbreak during which hospitals resorted to turning down patients and rescheduling life-saving surgical operations because their computer systems were down, it's safe to say that there's no sensible human being that would try to argue with that. A couple of paragraphs later, however, MMPC's people say that 'no known ransomware works against Windows 10 S.' This bold claim is more debatable.

Windows 10 Poised As Being Ransomware-Proof

Windows 10 S is, in Microsoft's own words, "streamlined for security and performance." The configuration should be much more secure than the rest of Windows' iterations because it doesn't allow running applications...

Posted on June 26, 2017 in Computer Security

Updated Locky Ransomware Crippling Left-Over Windows XP Systems

Here's a brief recap of what's happened in the top tier of the ransomware landscape over the last half a year or so. After dominating the industry for quite a while, Locky went on a long vacation in December 2016 and stayed under the radar for a few months. Cerber became the Number 1 ransomware family when it comes to widespread distribution, and although smaller strains like Spora and Shade tried to put up a fight, they had no chance. In April, Locky reared its ugly head once again, but the burst of spam turned out to be more of a cameo reappearance than a back-with-a-bang return. In May, Jaff, initially considered to be the rightful successor of Locky, popped up and infected quite a few people in a matter of hours, but its timing was awful. Twenty-four hours later, the WannaCry outbreak crippled hundreds of thousands of computers...

Posted on June 23, 2017 in Computer Security

66.com.ua

The 66.com.ua site is promoted as a cool search launcher based on the character Darth Vader from the Star Wars franchise. The 66.com.ua site features a minimalistic layout that offers a single search bar and a background image of Darth Vader looking with contempt at the Web user. The creator of the 66.com.ua portal is not known publicly, but we are aware that he/she has embedded a customized Yandex search on 66.com.ua. The Vader's Search ('Пошукова Машина Вейдера' in Russian) service is aimed at Russian-speaking users, but it supports 29 languages, most of which are spoken primarily in Asia. Additionally, the 'Vader66' site is actively promoted on forums and social media services favored in Russia. The 'Vader66' search portal at 66.com.ua is not perceived as a reliable search service provider. A closer look at the code of the page...

Posted on June 23, 2017 in Browser Hijackers

WizzRelease

The WizzRelease software is associated with the Wizzcaster ads platform hosted on the bestoffersfortoday.com domain. The WizzRelease software was reported to be adware by computer security researchers in June 2017. The bestoffersfortoday.com domain was mentioned in reports for browser redirects and excessive advertisement as early as February 2017. Evidently, the WizzRelease program is classified as adware that is designed to connect to bestoffersfortoday.com and display marketing materials to the user. The WizzRelease adware may arrive on computers when the users install free software packages with the 'Express' and 'Typical' option. The WizzRelease adware is reported to install files in the following directories: C:\users\%username%\appdata\local\mbot_se_014010396\download\wizzrelease.exe C:\application data\local...

Posted on June 23, 2017 in Adware

‘Windows Health Is Critical’ Pop-Ups

The 'Windows Health Is Critical' pop-up windows that feature a background colored in blue and mention an error code dubbed '0xFFFFFFF' should not be trusted. The 'Windows Health Is Critical' pop-up windows offer misleading information and aim to convince the users that they need help due to the critical condition of the computer. Computer security experts alert that the 'Windows Health Is Critical' warnings are not associated with legitimate problem reporting systems by Microsoft. When you experience a system crash, the OS will present you with a report and options on how to recover enclosed in a program window that is likely to include the term "Troubleshoot." The 'Windows Health Is Critical' warnings are generated by Web pages, which may include a script that makes your browser unresponsive by instructing it to reload a non-existent...

Posted on June 23, 2017 in Adware

Secure-surf.net

The Secure-surf.net site is promoted as a search engine that respects your privacy and offers access to popular services like Gmail, Google+, Facebook, Instagram and Amazon. However, the presentation of Secure-surf.net falls short when you look at the address bar and realize that the connection to the engine is unencrypted. Additionally, the site is styled after the default new tab in Google Chrome with several modifications. You should note that Secure-surf.net is not a domain associated with Google Inc. and it acts as a redirect-gateway to Rambler.ru and Yahoo. When a user initiates a search at Secure-surf.net, two new tabs open. One is loaded with content at Rambler.ru, and the other shows search results at Search.yahoo.com. Secure-surf.net is classified as an unreliable site that is associated with a browser hijacker. The...

Posted on June 23, 2017 in Browser Hijackers

Smartyfi.net

The Smartyfi.net portal offers visitors access to a weather forecast suited to their geographical location. Web surfers may be asked to allow Smartyfi.net to detect their physical location accurately and show notifications in their browser. The Smartyfi.net site sports a bleak design, which may have been a decision intended to provide maximum performance. The Smartyfi.net site is represented by a blank page, which has a search bar on the right side and a weather forecast panel beneath the search bar. The panel at Smartyfi.net loads content based on your IP address automatically and does not allow the user to add more than one city or explore forecasts unrelated to your current location. You will need to use the search bar at Smartyfi.net and load services like accuweather.com if you need more information. Additionally, Smartyfi.net...

Posted on June 23, 2017 in Browser Hijackers

aZaZeL Ransomware

The aZaZeL Ransomware is an encryption Trojan that surfaced with computer security reports in the third week of June 2017. The aZaZeL Ransomware is programmed to modify files on the compromised system and suggest to the user that the files can be recovered if payment is made to a particular Bitcoin address. The aZaZeL Ransomware is named after the 'azazel-bot@india.com' email account that was listed on the ransom notification. Malware researchers alert that the aZaZeL Ransomware may be installed via macro-enabled documents downloaded from spam emails. The threat is known to target regular PC users and small businesses. Once the aZaZeL Ransomware manages to encrypt your data, it is impossible to decode it because the Trojan is using advanced cryptographic algorithms and its data transmissions are encrypted as well. The aZaZeL Ransomware is...

Posted on June 23, 2017 in Ransomware

Trojan.Bitcoinminer

Trojan.Bitcoinminer is a detection name that is used in reference to the file 'indexer.exe' that is used to mine the Feathercoin and the Bitcoin cryptocurrencies. The Trojan.Bitcoinminer program that runs as indexer.exe can be found in a hidden folder under the AppData directory. You should note that the software used to mine cryptocurrency is very demanding, requires a lot of computational power and has an increased electricity consumption. Consequently, machines equipped with a miner need to be sturdier than your average computer. Also, PC users that wish to mine Bitcoins and Feathercoins should read the appropriate documentation and know what they are getting into. Threat actors use tools like the Trojan.Bitcoinminer and take advantage of the combined processing power of many computers to mine cryptocurrency and claim a fee for their...

Posted on June 23, 2017 in Trojans

Jungle Arcade

The Jungle Arcade software from Junglearcade.com/games is promoted as a browser extension that offers free access to quality games on the Internet. The software is classified as a Potentially Unwanted Program (PUP) that is designed to modify your browser settings, load content from Junglearcade.com/games, load persistent tracking cookies and change your new tab page. The Jungle Arcade software is available to Google Chrome, Internet Explorer and Mozilla Firefox users. If you intend to install the Jungle Arcade extension, you should read the terms of use and privacy agreement at junglearcade.com/Terms and junglearcade.com/Privacy. The Jungle Arcade program changes your new tab page to a custom version of Junglearcade.com and reads information like your Internet history, bookmarks collection and download log. The data is transmitted to...

Posted on June 22, 2017 in Possibly Unwanted Program