ChoiceFinder

The ChoiceFinder application is designed specifically for Mac computers. It is likely that you have come across the ChoiceFinder application while downloading and installing a bundle of freeware applications. Oftentimes, such software bundles contain additional applications that the user never asked for. To convince the user to install such applications, they may be told that these applications will enhance the stability of their systems or their Web browsing experience. However, this is usually untrue, and that is certainly the case with the ChoiceFinder application. The ChoiceFinder application is likely marketing itself as a useful tool that will help users get more relevant results for their searches online. However, instead of enhancing their search results in any way, the ChoiceFinder application is likely to do exactly the opposite. This...

Posted on February 21, 2020 in Potentially Unwanted Programs

Hilfr.pro

The Hilf.pro site is a bogus page that does not host any valuable content and is likely only to waste its visitors’ time. The Hilf.pro site tricks users into launching the page by claiming to host a video that may appear very engaging. As soon as the user opens the dubious website, they will see a fake video prompt that pretends to be loading the content the visitor wants to view. Unfortunately, that is nothing more than a trick, as the Hilf.pro site does not contain any videos. As the fake video prompt appears to be loading the nonexistent video, the users will be prompted to click on the ‘Allow’ button on their screens. The site claims that unless the visitors comply, they will be unable to view the content. However, clicking the button in question will permit the shady website to display Web browser notifications. This means that users who...

Posted on February 21, 2020 in Browser Hijackers

ProcessFresh

The ProcessFresh application is a tool compatible with computers running OSX. This dubious application may promote itself as an optimization tool that will help you improve the stability of your system, but we can assure you that this is definitely not the case. Malware researchers have identified the ProcessFresh application as adware. This means that users who have happened to install the ProcessFresh application may notice a sudden spike in the number of advertisements displayed on the websites they visit. The ProcessFresh adware is likely to plant various advertisements into the Web pages visited by the user – flashing alerts, banners, annoying notifications, hyperlinks in text, pop-up windows, etc. You can imagine that viewing a large amount of unwanted and often irrelevant advertisements every time you open your Web browser can...

Posted on February 21, 2020 in Potentially Unwanted Programs

Sisewepod.com

Users who tend to browse shady websites often (adult entertainment sites, gambling platforms, illicit streaming pages, etc.) are more likely to stumble upon the Sisewepod.com site. This website is nothing more than a fake page that is designed to mislead users into allowing it to display Web browser notifications. The Sisewepod.com website is likely to claim to host very engaging content, like an interesting video or a gallery of images, to attract users’ attention. Unfortunately, this is definitely not the case. The Sisewepod.com site will ask the users to click on the ‘Allow’ button if they want to proceed and view the content they were promised. Following the instructions of the dodgy Sisewepod.com site will not provide you with access to any interesting or meaningful content; instead, it will allow this page to send you...

Posted on February 21, 2020 in Browser Hijackers

Clickkmobi.com

The Clickkmobi.com site is an untrustworthy website that may appear to host various giveaways or engaging content. However, this is most definitely not true, as there is no meaningful content hosted on this website, and any giveaways and raffles affiliated with the Clickkmobi.com page may be fake. The creators of the Clickkmobi.com website have built it with one goal in mind – to hijack their visitors’ Web browser notifications. This is the so-called ‘Click ALLOW to Continue’ tactic used by numerous shady websites online. As soon as the Clickkmobi.com website is launched, it will request that the users click on the ‘Allow’ button spawned on their screen. If the user complies and clicks on the button, the Clickkmobi.com website will receive permission to exhibit notifications in the user’s Web browser. This may not seem something that you...

Posted on February 21, 2020 in Browser Hijackers

Extrabuttons.pw

The Extrabuttons.pw site is yet another bogus website designed to mislead users into granting it permission to display Web browser notifications. This is a trick commonly utilized by the operators of countless fake sites like the Extrabuttons.pw page. Upon launching the Extrabuttons.pw site, visitors will be asked to click on the ‘Allow’ button displayed on the page. Sometimes, sites like the Extrabuttons.pw page would claim to host interesting content that can only be viewed if the user complies with the requests of the page. However, the Extrabuttons.pw site does not host any content that is worth your time – there are no videos, images or articles hosted on this site. The Extrabuttons.pw site exists only for the purpose of hijacking your Web browser notifications. As soon as the Extrabuttons.pw gets permission to send users push-notifications via...

Posted on February 21, 2020 in Browser Hijackers

Goldencpi.com

The Goldencpi.com website is a dubious page whose operators generate revenue by bombarding their users with countless unwanted advertisements. The Goldencpi.com site would pretend to host content that may be of interest to users to get them to launch the page. The Goldencpi.com website employs the ‘Click ALLOW to Continue’ tactic to mislead users into granting it permissions to send them push-notifications via their Web browser. The Goldencpi.com site would likely state that the users will be unable to view the content on the site unless they follow the instructions the page provides them with. This means that the users will be asked to click on the ‘Allow’ button on their screens supposedly to get access to the content in question. However, there is no content to be viewed on this bogus page, and if you click on the button, you will allow this fake...

Posted on February 21, 2020 in Browser Hijackers

VSearch

The VSearch application is adware designed for Mac computers. Many Apple users still rely on the false notion that Mac computers are impenetrable, and no cyber threat can compromise them. This is certainly not the case, and this line of thinking has put numerous Mac users’ systems in danger. Each year there is an increasing number of malicious applications, PUPs (Potentially Unwanted Programs), and adware designed to specifically target Mac systems. Among the most recently reported cases of a dubious application targeting OSX systems is the VSearch adware app. The VSearch adware is likely promoted as a genuine, useful tool that will help users optimize their search results. This is definitely not the case. It is also likely that the VSearch adware may be installed alongside a bundle of other freeware applications. Often, the...

Posted on February 20, 2020 in Adware

OperatorMac

The OperatorMac is an adware family that goes after Mac systems only. Thankfully, the OperatorMac application is not affiliated with the distribution of malicious software or any harmful scams. If you have adware installed on your computer, you are likely to notice an increase in the advertisements displayed on the websites you visit. The ads linked to the activity of various types of adware may come in all shapes and forms. The OperatorMac adware may present its users with highlighted text, a variety of banners, random hyperlinks, pop-up windows, flashy alerts, etc. This can end up significantly diminishing your Web browsing quality. Applications like the OperatorMac adware may promote dodgy products that users should avoid – fake raffles, dubious gambling platforms, bogus dating websites, adult entertainment streaming sites, etc. It...

Posted on February 20, 2020 in Adware

MacBooster

The MacBooster application is a dubious optimization tool that is compatible with computers running OSX. The MacBooster tool promotes itself as an optimization application that is capable of significantly boosting the performance of your Mac – free disk space, fix bugs, etc. However, this is not the case. The MacBooster application does not mention that a user who installs the free version of the tool will only be able to use it to scan their computer. The MacBooster tool’s scan will deliver a report to the user, which will provide them with various recommendations on how to improve the stability of their system. However, if you want to use the MacBooster tool to apply the recommended optimizations, you will have to pay for the full version of this application. What makes the MacBooster application shady is that it is known to...

Posted on February 20, 2020 in Potentially Unwanted Programs

CallMe

The CallMe application is a backdoor Trojan that is compatible only with Mac computers. Malware researchers first spotted the CallMe Trojan seven years ago. Thankfully, the CallMe Trojan has not been very active in the past few years, which may mean that its creators may have abandoned the project. The CallMe backdoor Trojan is not an overly complex threat. This Trojan is able to run shell commands on the infected machine and to steal information from the contacts list of the victim. At first, this may seem like a redundant feature, but the CallMe Trojan was employed in an attack targeting Tibetan activists. As soon as the CallMe Trojan was able to compromise their systems, the threat could steal the names of the individuals in their contacts list and therefore reveal personal information about them. This helped the attackers reveal...

Posted on February 20, 2020 in Backdoors

XcodeGhost

Apple has published its own official IDE (Integrated Development Environment), which is called Xcode. The Xcode IDE serves to help application developers in building software and testing it efficiently. It is an all-encompassing tool that is being used by countless software developers worldwide. However, cyber crooks have seen an opportunity to use this tool to their advantage. Thus, cybercriminals built the XcodeGhost – a malicious copy of the original Xcode IDE. The XcodeGhost IDE is not being propagated via Apple’s official stores or sites. This malicious IDE was uploaded by its creators on the popular Chinese website Baidu. This is how the XcodeGhost IDE ended up on the systems of a large number of Chinese developers. Unlike most malicious applications, the XcodeGhost malware does not seek to wreak havoc on the host or even steal...

Posted on February 20, 2020 in Malware

LaoShu

The LaoShu threat is a piece of malware designed to target Mac systems exclusively. The goal behind the LaoShu Trojan is to collect sensitive data from the compromised hosts. The LaoShu Trojan is being propagated via emails that tend to contain an infected PDF file. In the latest campaign involving the LaoShu Trojan, the attackers appear to have chosen to mask the fake emails as legitimate messages sent by well-known delivery companies. The emails would state that the user has a package that they have not picked up and that the attached PDF file contains more information regarding the issue. In some cases, instead of a PDF file, the email would contain a ZIP attachment, which carries a PDF file. Some users report that the fraudulent email redirected them to a website that appeared to be the official page of the courier company in question....

Posted on February 20, 2020 in Malware

US Pipeline Operation Disrupted via Ransomware Attack

A ransomware attack recently hit a natural gas compression facility within US territory, according to the authorities. The attack resulted in a shutdown that lasted for two days as the facility that fell victim to the attack worked hard to bring the system back online using backups. The threat actors were able to get into the IT section of the network and then move on from there to infiltrate communication and control functions inside the facility. The Cybersecurity and Infrastructure Security Agency (CISA) released an alert that shared more information on the subject. It appears the attackers were successful at spearphishing an employee and thus got their foot in the door. The compromise...

Posted on February 19, 2020 in Computer Security

JackSparrow Ransomware

The JackSparrow Ransomware is a brand-new data-encrypting Trojan. Some of the features present on the JackSparrow Ransomware resemble the ones belonging to another ransomware Trojan named Harma Ransomware. Threats of this type are particularly nasty to deal with, as they would encrypt all the user’s data and try to extort them. It is likely that the JackSparrow Ransomware is capable of encrypting a long list of file types to ensure maximum damage.

Propagation and Encryption

There are many different propagation methods that can be used to distribute a ransomware threat. One of the most popular ones is spam email campaigns. The targeted users will get an email in their inbox that would contain a bogus message attempting to convince them to open the attached file. However, the file is macro-laced and would compromise their systems...

Posted on February 19, 2020 in Ransomware