MOOL Ransomware

Cybersecurity researchers have uncovered a new file-locking Trojan and named it the MOOL Ransomware. The MOOL Ransomware belongs to the family of the most active data-encrypting Trojan of 2019 – the STOP Ransomware. In 2019 alone, malware experts have spotted over 200 copies of the STOP Ransomware lurking on the Web. Propagation and Encryption: The creators of ransomware threats use all sorts of tricks to distribute their threatening creations. Malvertising campaigns, bogus software downloads and updates, torrent trackers, fake copies of popular applications or media, and spam emails containing macro-laced attachments are among the most commonly utilized propagation methods for ransomware threats. The MOOL Ransomware is likely capable of encrypting a large variety of file types, including images, documents, audio files, videos,...

Posted on February 19, 2020 in Ransomware

PublicAdviseSearch

The PublicAdviseSearch application is a Web browser add-on that is designed for the Safari browser. It is likely that the creators of the PublicAdviseSearch add-on are promoting it as a tool with useful features that will enhance the search results of its users. Unfortunately, this is not the case. The PublicAdviseSearch Web browser extension can be considered a PUP (Potentially Unwanted Program). However, the PublicAdviseSearch add-on is not linked to any unsafe activity, so users who have it installed in their browser do not need to be concerned about the safety of their systems or data. The PublicAdviseSearch add-on is likely to have access to your Web browser history and permission to alter website contents. This means that the PublicAdviseSearch add-on may insert unwanted advertisements on the websites that the user visits. Some...

Posted on February 19, 2020 in Potentially Unwanted Programs

Upzis.com

The Upzis.com website is a page that does not offer any valuable content to its visitors. The only purpose of this dodgy site is to hijack users’ Web browser notifications. There are countless websites online that use this scheme. The Upzis.com site likely tricks users into visiting it by claiming to host interesting content. However, nothing is further from the truth. There is no content on the Upzis.com Web page. The site will greet its users with a request – they will be asked to click on the ‘Allow’ button on their screens. Usually, sites like the Upzis.com page will claim that the users will not be able to view the content they were seeking unless they click the ‘Allow’ button. However, doing so would give the fake website permission to display Web browser notifications. The Upzis.com page will use this permission to bombard its...

Posted on February 19, 2020 in Browser Hijackers

Woollike.com

Users who often browse untrustworthy websites, like illicit streaming platforms or torrenting pages, may come across the Woollike.com page. This fake website does not host any content of value, and it is best not to waste your time with it. Thankfully, the Woollike.com site is not affiliated with the distribution of malware, so users need not worry about their data or system’s health. As soon as the Woollike.com page is launched, the users will be required to follow the instructions they are given. The site demands that the visitors click on the ‘Allow’ button they are presented with. Often, dodgy pages like the Woollike.com website would claim to host an interesting video or other media type that may get the attention of the users. However, if the users want to get access to the media, they will have to click on the ‘Allow’ button....

Posted on February 19, 2020 in Browser Hijackers

Videolive.best

The operators of the Videolive.best site have opted to utilize a very common trick used by many fake sites – a bogus CAPTCHA prompt. The Videolive.best website likely misleads users into launching it by claiming to host live streams or engaging videos. However, there is no content to be viewed on the Videolive.best site. Users will be required to complete a CAPTCHA to prove that they are not robots. However, the CAPTCHA test is fake and following the instructions provided by the Videolive.best site would give the bogus page permission to display Web browser push-notifications. This might not look like an issue but the Videolive.best site uses the permission to spam its users with unwanted advertisements. The spam advertisement may even continue if the users have closed their Web browser and are watching a movie or having fun with a...

Posted on February 19, 2020 in Browser Hijackers

SearchOptical

The SearchOptical application is a program designed for Macs. However, this application is listed as a PUP (Potentially Unwanted Program), and it is best to remove it from your computer as soon as possible. The SearchOptical application is likely promoted as a tool that is meant to enhance the search results of users. However, the SearchOptical program is not likely to be very useful, as it does not appear to pack any unique features. As soon as the SearchOptical application is installed on the user’s system, the application will get access to their Web browsers’ history. This means that the shady application will be monitoring the user’s browsing habits to collect information about them. The SearchOptical application also seems to be able to change the contents of the websites that the user visits. It is likely that the SearchOptical...

Posted on February 19, 2020 in Potentially Unwanted Programs

Dataf0ral1.com

The Dataf0ral1.com site is not a trustworthy page, and it is best for users to avoid it. This dodgy website is designed to promote potentially unsafe applications. It is likely that the Dataf0ral1.com site may be used to push various Trojans, spyware, keyloggers and other malware. Legitimate anti-malware vendors have listed this website as unsafe and potentially harmful. Users who come across the Dataf0ral1.com site are likely in the habit of browsing low-quality websites that host shady or illicit content. It is likely that the Dataf0ral1.com page claims to host an interesting video that may attract the attention of users. However, the site will claim that unless the users update their Adobe Flash Player, they will be unable to view the content. Then, the user will notice a pop-up window that will offer an update for the Adobe Flash...

Posted on February 19, 2020 in Browser Hijackers

ONIX Ransomware

Cybersecurity analysts have stumbled upon a new nasty Trojan dubbed the ONIX Ransomware. This file-encrypting Trojan does not seem to be a copy of any of the popular ransomware threats that are often appropriated by various cyber crooks. Propagation and Encryption: It has not yet been reported what propagation method is employed in the distribution of the ONIX Ransomware. It is speculated that spam email campaigns may be at the center of it. Usually, users would receive emails containing a bogus message and infected attachments. Ransomware threats are also often propagated via malvertising campaigns, fake application updates and downloads, torrent trackers, etc. The ONIX Ransomware will scan the data on the infected computer and then begin the encryption process. The data-locking Trojan would use a secure encryption algorithm to...

Posted on February 18, 2020 in Ransomware

Blend Ransomware

The Blend Ransomware is a newly uncovered variant of the infamous Dharma Ransomware. Most cyber crooks distributing ransomware threats tend to borrow the code of existing data-encrypting Trojans and alter it ever so slightly to fit their needs. This saves them time and effort compared to building a whole new file-locking Trojan from scratch. Propagation and Encryption: It is likely that the Blend Ransomware was distributed via macro-laced emails. The emails in question would contain a bogus message whose goal is to trick the users into executing the attached file. If the users open the attachment, their system will be compromised by the threat. Malvertisement, fake pirated software and media, and bogus application updates are among other popular infection vectors, often utilized in the spreading of ransomware threats. After the Blend...

Posted on February 18, 2020 in Ransomware

Fox Kitten

Malware researchers have been keeping a close eye on a hacking campaign called Fox Kitten since 2017. Unlike most hacking operations, which target regular everyday users, the Fox Kitten campaign goes after high-profile targets. Keeping in mind the nature of the targets, it makes sense that the Fox Kitten campaign is carried out by experienced, highly skilled hacking groups. The hacking groups involved in the Fox Kitten campaign would go after targets from the IT sector, the aviation field, government institutions, the oil industry and others. Among the hacking groups that are suspected to be taking part in the Fox Kitten campaign are the notorious APT34 (also known as OilRig) and APT39. All the APTs involved are believed to hail from Iran. It would appear that the attackers rely on vulnerable RDP (Remote Desktop Protocol) services and...

Posted on February 18, 2020 in Malware

'You Have 46 Hours In Order To Make The Payment' Email Scam

Multiple individuals have reported a new tactic targeting users online. It has been dubbed the 'You Have 46 Hours In Order To Make The Payment' email scam. Before we get into it, the good news is that the contents of the emails involved in the 'You Have 46 Hours In Order To Make The Payment' tactic are fake, and you do not need to be upset about the safety of your private information. The conmen behind the 'You Have 46 Hours In Order To Make The Payment' tactic rely on social engineering techniques designed to intimidate users into complying with their demands. The fraudulent emails state that the individuals behind the 'You Have 46 Hours In Order To Make The Payment' tactic have managed to obtain videos of the users while they were enjoying adult entertainment online. Next, the fraudsters claim that the videos in question will be sent...

Posted on February 18, 2020 in Adware

Windows-lupdate.com

The Windows-lupdate.com page is among the countless bogus websites that seek to take advantage of their visitors with various tricks. A very commonly utilized method is displaying fake alerts and notifications that claim the user's system has been infected with a threat. This is the approach the creators of the Windows-lupdate.com site have taken. As soon as the users open the Windows-lupdate.com website, they will be greeted with multiple alerts stating that their PCs have been compromised, and the issue needs to be resolved as soon as possible, or they risk further complications. The operators of the fraudulent page have made sure that the notifications displayed on the visitor's screen look like legitimate alerts from Windows. This would certainly decrease the chances of the user spotting that something is not quite right. The...

Posted on February 18, 2020 in Browser Hijackers

MyDocsToPDF Search

The MyDocsToPDF Search Web browser extension claims to provide its users with a set of useful features. The MyDocsToPDF Search add-on is marketed mainly as a tool that would help users convert their documents to PDF files. The services provided by the MyDocsToPDF Search Web browser extension may be useful, but they are in no way unique. Every service that the MyDocsToPDF Search claims to offer is available for free online already. This means that it is not required to install third-party software to convert documents to PDF files. On top of not offering any unique features, the MyDocsToPDF Search add-on also may apply changes to your Web browser without ever consulting you. This shady behavior is the reason why the MyDocsToPDF Search add-on is listed as a PUP (Potentially Unwanted Program) by cybersecurity researchers. It...

Posted on February 18, 2020 in Potentially Unwanted Programs

Mediahd.space

The Mediahd.space Web page appears to lure in visitors by claiming to host videos that would be of interest to them. Unfortunately, there is absolutely no content to be viewed on the Mediahd.space site. Despite its claims, the Mediahd.space page does not host any interesting content and exists for one purpose only – to hijack your Web browser notifications. The operators of the Mediahd.space site generate revenue by bombarding their users with various advertisements. When the users visit the Mediahd.space page, the site will request them to click on the 'Allow' button to view the content they were promised. If the users fall for this ruse and follow the Mediahd.space site's instructions, they will enable Web browser notifications by the dodgy page. The Mediahd.space website will not hesitate to start spamming the user with...

Posted on February 18, 2020 in Browser Hijackers

Filmhd.space

Users who are looking for illicit streaming websites that host pirated movies and TV series are likely to come across the Filmhd.space page. However, the Filmhd.space site is a fraudulent page that does not host any engaging content despite its claims. The Filmhd.space website exists for one purpose only – to bombard users with advertisements. The operators of the Filmhd.space site use a commonly utilized trick to mislead their visitors into permitting the shady page to display Web browser notifications. The visitors of the Filmhd.space site will be asked to click on the 'Allow' button displayed on their screen if they want to view the media they were searching for. However, the video player hosted on the Filmhd.space page is fake and there is no media to be viewed at all. Clicking on the 'Allow' button would grant permission to the...

Posted on February 18, 2020 in Browser Hijackers