Search Tab New

The Search Tab New browser extension is promoted as a free Chrome companion that can help you customize the appearance and feel of your new tab page in Google Chrome, as well as integrate search engines like Yahoo, Google, Bing and DuckDuck go into one search box. When you install the Search Tab New browser extension it may require the following privileges: Read and change all your data on the websites you visit. Read and change your browsing history. Change your new tab page settings. Change your privacy-related settings. Display notifications. Read and change your bookmarks. Manage your apps, extensions, and themes. The Search Tab New extension behaves and performs the same way as the Search Manager extension. Both apps are not deemed as trusted and lack representation on the Chrome Webstore. Cyber security researchers alert that the...

Posted on March 17, 2017 in Browser Hijackers

PC Health Aid

PC Health Aid is promoted as a system optimizer at pchealthaid.com that can improve the performance of your machine by removing unnecessary files, cleaning your Registry, and making tweaks to hidden settings on Windows. Computer users can download a trial version of PC Health Aid from pchealthaid.com and run a scan for free. The trial version of PC Health Aid is designed to add a startup entry and launch with Windows when you turn on your computer. PC Health Aid runs in the background and may display pop-up windows that welcome users to buy a commercial license. Also, you may notice "Critical System Condition" alerts in the bottom right corner that are generated by PC Health Aid and claim that you need to buy an activation code if you intend to improve the stability of your OS. The PC health Aid optimizer is promoted to be a trusted...

Posted on March 17, 2017 in Possibly Unwanted Program

DailyProductivityTools Toolbar

The DailyProductivityTools Toolbar is packed as a browser extension that claims to increase your productivity with access to free online tools. Web surfers do not need to pay a monthly subscription or buy a license for the DailyProductivityTools Toolbar. You can download the DailyProductivityTools browser extension at dailyproductivitytools.com/index.jhtml and install it to your Internet client for free. The DailyProductivityTools app is developed by Mindspark Interactive Network, Inc. as an ad-supported program that is nearly identical to the Productivity Boss Toolbar that Mindspark released in August 2016. Computer users submitted complaints online about DailyProductivityTools on the third week of March 2017 saying that it has made changes to their Internet settings, which were not welcomed. When you install the...

Posted on March 17, 2017 in Possibly Unwanted Program

Video Abductor

The Video Abductor software from the team at videoabductor.com is offered to PC users for free for personal use and allows them to download video content from platforms like YouTube, VEVO, Facebook, Instagram, Twitter and Vimeo. Video Abductor may run on the latest versions of Windows OS and comes with a self-updater module so that you don't have to visit videoabductor.com and re-install the desktop app all over again. However, Video Abductor is deemed as a Potentially Unwanted Program (PUP) that you may want to reconsider installing because it is bundled with the Chocolatey (chocolatey.org) package manager and you may find unknown programs running on your system. Chocolatey is a legitimate package manager that allows software developers to push updates to their users but you might not be notified of new components and third-party...

Posted on March 17, 2017 in Possibly Unwanted Program

GoaSave

If you experience pop-up messages that say 'Ad by GoaSave,' 'Powered by GoaSave,' and 'Sponsored by GoaSave' you may be infected with adware. The GoaSave adware is spread among users with the help of free software packages. Computer users that do not bother to explore the 'Advanced' and 'Custom' option of program installers may allow the installation of unwanted components and adware like GoaSave and Clip Clip Save. You may be suggested that GoaSave is a suitable shopping helper, but the fact is that GoaSave may show all various types of advertisements on your screen and claim pay-per-click revenue. Threats like GoaSave may run in the background and lack a program interface that you may be able to access. The GoaSave adware is able to generate an overlay on top of the browser surface and cover safe advertisements on the pages you...

Posted on March 17, 2017 in Adware

Google Security Team Takes Down a Big PHA Family Named Chamois

Cyber security engineers from Google Security team have discovered and taken down a huge family of Potentially Harmful Applications (PHAs) named Chamois. The researchers detected the malicious applications while doing a routine check-up in the course of the ad traffic evaluation. Verify Apps had an immense role in discovering and destroying Chamois as these applications do not appear in the list of installed apps, thus most users would not even realize they have unwanted and potentially harmful programs on their device. While analyzing the malicious apps, the researchers also found out that the Chamois-based adware has several methods to avoid detection while it is displaying deceptive graphics in an attempt to lure the victim into clicking the ads. In some of the cases, clicking the ads led to the downloading of additional programs on...

Posted on March 16, 2017 in Computer Security

Russian Hackers and Spies Charged for Yahoo’s 2014 Hacking that Exposed 500 Million Accounts

There is no doubt that the 2014 Yahoo hacking incident that was found to expose 500 million user accounts was a major disappointment and tragedy for the users affected by the massive data breach. Not only did Yahoo keep the hacking incident from the public for a couple of years, but the hackers responsible for the attack are looking to face serious charges as the US Department of Justice is coming down on the four individuals hard. Just this week, the US Department of Justice made an announcement just after rumors of an indictment that they have criminally charged Russian officials for the cyber attack on Yahoo that took place in 2014 and expose 500 million user accounts. 2014 Yahoo Data Breach Was Work of Russian Spies and Hackers Two individuals, Dmitry Dokuchaev and Igor Sushchin, are being identified as officers of the Russian...

Posted on March 16, 2017 in Computer Security

Karmen Ransomware

The Karmen Ransomware is a ransomware Trojan that is part of a RaaS (Ransomware as a Service) campaign. The Karmen Ransomware administrates its Command and Control servers, payment, and various other aspects of the attack. However, con artists may take charge of distributing the Karmen Ransomware through their networks by hiring the ransomware creators instead of creating the ransomware Trojans themselves. Typically, ransomware Trojans like the Karmen Ransomware are distributed through corrupted spam email attachments and various known tactics, such as bogus software distributed on Torrent networks or hacking into poorly protected computers directly. Hidden Tear and Its Offsprings The Karmen Ransomware was first observed on March 2017 being used in attacks against computer users in English and German speaking regions. This, however,...

Posted on March 16, 2017 in Ransomware

Revenge Ransomware

The Revenge Ransomware is a variant of CryptoMix and CryptFile2. The Revenge Ransomware is being distributed using the RIG Exploit Kit, and being installed on the victims' computers automatically. In most cases, the Revenge Ransomware will be installed after the victim is redirected to a website that has been compromised with the RIG Exploit Kit. Victims are directed to those pages using corrupted Java scripts that attempt to leverage various vulnerabilities to install the Revenge Ransomware on the victims' computers immediately. Enduring Revenge Due to Being a Computer User Once the Revenge Ransomware has entered the victim's computer, it will create a unique ID for the victim's computer. The Revenge Ransomware seems to be engineered to target databases, making it particularly destructive when it comes to enterprise networks and Web...

Posted on March 16, 2017 in Ransomware

Crypt0L0cker Ransomware

PC security researchers have noticed the return of the Crypt0L0cker Ransomware, now with a threat campaign that is targeting computer users located in Europe. In 2014, the Crypt0L0cker Ransomware was the most common ransomware Trojan in Europe and Australia (although known by a different name). In the middle of 2015, however, there was a decline in the Crypt0L0cker Ransomware attacks and distribution. Now, in February 2017, the Crypt0L0cker Ransomware is returning, attacking computer users located in Europe again. PC security analysts have received requests for help with the Crypt0L0cker Ransomware attack. In January and February 2017 the Crypt0L0cker Ransomware infections rose substantially, with hundreds of new attacks around the world in a very small span. The Crypt0L0cker Ransomware Infection and the New Campaign The Crypt0L0cker...

Posted on March 16, 2017 in Ransomware

Turkish Ransomware

The Turkish Ransomware is a ransomware Trojan that has only been observed in a version in Turkish. PC security researchers first received reports of the Turkish Ransomware on March 15, 2017. The Turkish Ransomware is designed to attack computers using Windows and located in Europe. The Turkish Ransomware seems to be a one-off attack and does not seem to have variants or belong to a broader family of ransomware Trojans (although much of its code is recycled, as it happens with most of these attacks). Although the Turkish Ransomware can be delivered in a wide variety of ways, it is likely that the Turkish Ransomware attacks are being distributed through the use of corrupted links and attachments contained in spam email messages currently. The Turkish Ransomware may Cause a Lot of Harm The Turkish Ransomware is typical ransomware Trojan...

Posted on March 16, 2017 in Ransomware

13 Malicious Apps in Google Play Store Steal Instagram Credentials

Cyber criminals are again targeting Instagram users who wish to improve their profiles fast and at no cost. Researchers from security company ESET have discovered 13 malicious applications on the official Google Play which promise to raise the number of followers, comments, and likes of an Instagram profile, but instead, steal the user's credentials and send them to the hackers' Command and Control servers. According to ESET's report, the apps carry a malicious file named "Android/Spy.Inazigram". Researchers found out that the tools carrying the infected originate from Turkey, however, some of them used English localization to extend the reach and target users more broadly. The malicious apps have been downloaded over 1.5 million times before they were discovered and reported to Google Security Team, so experts suggest the hackers have...

Posted on March 16, 2017 in Computer Security

Malware Infections Surge on Tuesday in Areas Hit Hard by Winter Storm Stella

In addition to dumping more than three feet of snow in some areas of the Northeast, Winter Storm Stella may also be to blame for a spike in malware infections. Computer users who were snowed in went online and ended up with more infections than usual. That's according to data released today by Enigma Software Group (ESG), makers of the SpyHunter anti-spyware program. ESG looked at malware detection data from SpyHunter focusing in the northeast area and compared them to data in the days leading up to the storm. They found infections spiked anywhere from 15 to more than 90 percent in some areas hit hard by the storm. "Any time we see a large number of people change their online habits, we see a change in infections," said ESG spokesperson Ryan Gerding. "On Tuesday you had millions of people who stayed home from school and work. When they...

Posted on March 15, 2017 in Computer Security

Project34 Ransomware

The Project34 Ransomware is a ransomware Trojan. Like other encryption ransomware infections, the Project34 Ransomware is designed to make the victims' files inaccessible. To do this, the Project34 Ransomware encrypts them using a strong encryption algorithm. Then, the victim is asked to pay a large ransom to recover the affected files. By Opening E-Mail Attachments PC Users may Get the Project34 Ransomware PC security researchers first received reports of the Project34 Ransomware infections on March 13, 2017. The Project34 Ransomware is designed to attack computers using the Windows operating system. The Project34 Ransomware attacks seem to be centered in Asia, particularly in Central Asia and Russian-speaking countries. The countries where the Project34 Ransomware attacks have been reported include Russia, Kazakhstan, Ukraine, Iran,...

Posted on March 15, 2017 in Ransomware

Cryptolocker 1.0.0 Ransomware

The Cryptolocker 1.0.0 Ransomware is a ransomware Trojan that originated in Turkey, and was created by a programmer that is known as 'Alp.' The Cryptolocker 1.0.0 Ransomware is an upgrade of CryptoLocker, a well-known ransomware Trojan that was first observed in 2013. This ransomware Trojan was in development through the end of 2015, when its development was interrupted. Apparently, the Cryptolocker 1.0.0 Ransomware is part of an effort to return to the development of this well-known threat. The Cryptolocker 1.0.0 Ransomware uses the RSA-2048 encryption, a strong obfuscation procedure, a different packaging and interface, and an effective ransomware attack. How the Cryptolocker 1.0.0 Ransomware may Infect a Computer The Cryptolocker 1.0.0 Ransomware is being distributed using social engineering techniques and corrupted email...

Posted on March 15, 2017 in Ransomware