Btos Ransomware

The STOP Ransomware is one of the Internet’s most prolific ransomware families. In 2019 alone, cybercriminals have developed over 200 copies of this nasty Trojan. With the coming of 2020, there have been several new variants of the STOP Ransomware uncovered. Among the newest ones is the Btos Ransomware. Propagation and Encryption The creators of the Btos Ransomware have made sure this threat is capable of affecting a long list of filetypes. This means that as soon as the Btos Ransomware sneaks into a system, all the documents, images, archives, videos, audio files, databases, and other files will be locked with the help of a secure encryption algorithm. Spam email campaigns are undoubtedly among the most popular infection vectors. Usually, the targeted user will be sent an email from what seems to be a legitimate company or a...

Posted on January 31, 2020 in Ransomware

Trendyarticle.com

The Trendyarticle.com website may sound like a place where one can find news about current events, trending topics, and interesting facts. Unfortunately, this is not the case. The Trendyarticle.com site is nothing more than yet another fake page that has only one intention – to hijack their visitors’ Web browser notifications. Tricks Users into Permitting Notifications Operators of bogus websites like the Trendyarticle.com page generate revenue from spamming their users with unwanted advertisements via their Web browser notifications. One of the tricks that the Trendyarticle.com site is likely to utilize is to claim that it is hosting an engaging video, an article on a hot topic, or a gallery of high-quality images. However, the site would claim that if the user wants to view the content in question, they will have to click on the...

Posted on January 31, 2020 in Browser Hijackers

Play Radio Easily

There are countless browser add-ons that serve all sorts of purposes, according to users’ interests and needs. However, not all developers of browser extensions build tools with the users’ best interests at heart. Some resort to various tricks and shady tactics to achieve their goals. One of these shady add-ons is the Play Radio Easily browser extension. This extension is compatible with the Google Chrome Web browser. This browser add-on claims to provide its users with a long list of radio stations that they can listen to completely free of charge. However, the Play Radio Easily add-on does not offer any unique services to its users – all the radio stations offered by this extension are already freely available online. There is no need to install any third-party software in order to access the radio stations offered by the...

Posted on January 31, 2020 in Potentially Unwanted Programs

'Congratulations You Are Todays Winner' Pop-Ups

Countless shady actors online attempt to get their hands on unsuspecting users’ data using numerous tactics and tricks. Some of them go for the low-hanging fruit – email addresses, names, date of birth, etc. Others, however, try to extort more sensitive data like payment details, social security numbers, and other types of information. One of the newly reported tactics that attempts to collect the user’s credit card information is called the ‘Congratulations You Are Todays Winner’ scheme. The con-men behind this scam trick users into providing them with their payment information by claiming that they have been selected to gain a highly valued prize such as the latest model of iPhone, an expensive tablet, or another flashy item that will grab the user’s attention. Attempts to Collect The User’s Credit Card Details To be viable for receiving...

Posted on January 31, 2020 in Adware

View Online Recipes

The View Online Recipes Web browser extension presents itself as a useful tool for all cooking enthusiasts. The developers of this add-on claim to provide their users with countless recipes that they can search and save to use in the future. The creators of the View Online Recipes extension make it seem like they are offering a unique tool that will be handy to their users. However, there is nothing unique about the content offered by the View Online Recipes Web browser add-on. All of the recipes provided by the View Online Recipes extension are available for free online, one click away. Users who are looking for free cooking tips online do not need to install any third-party software in order to access large libraries with countless recipes. Alters the User’s Default New Tab Page Not only does the View Online Recipes add-on not offer...

Posted on January 31, 2020 in Potentially Unwanted Programs

Beware: Cybercriminals Leveraging Coronavirus to Exploit Computer Users and Spread Malware

It hasn't taken a lot of time for threat actors to realize the social engineering opportunity that the novel coronavirus (2019-nCoV) has presented them. The respiratory infection that originated in Wuhan, China, has become front-page news in recent weeks, although the first cases were reported in December 2019. In about a month since the first reported infections, there are more than 8,000 confirmed cases, with the death toll rising to more than 170 people. By now, the coronavirus has spread to every province of China, as well as several other countries, including the US, Canada, Japan, France, Germany, Taiwan, and Thailand, prompting the World Health Organization to declare a global...

Posted on January 31, 2020 in Computer Security

Trojan.WinLNK.Agent

Cybercriminals often abuse legitimate file formats to disguise their malicious files – documents, spreadsheets, presentations, and even the rarely used 'LNK' format may be used to disguise a corrupted file as a harmless one. Corrupted LNK files usually serve one sole purpose – to execute a macro script that fetches a payload from an outside server, and then initializes it on the compromised host. All this activity takes place in a background process so that the user will not notice anything out of the ordinary. The way to keep your PC protected against corrupted LNK files is to use a trustworthy anti-virus tool. One of the generic detections that antivirus products use for malicious LNK files is 'Trojan.WinLNK.Agent' – if your antivirus identifies such an issue on your computer, then you must immediately find and delete the file responsible...

Posted on January 31, 2020 in Trojans

ViewPDF

The ViewPDF Web-browser add-on is yet another bogus application that does not have your best interest in mind. This browser add-on targets users who are looking for PDF files. The ViewPDF application presents itself as a useful tool that will allow its users to search the Web for PDF files. While this property may seem useful to some, we can assure you that you do not need third-party software to look for a specific filetype. Regardless of what search engine you use, whether it is Google, Bing, Yahoo, DuckDuckGo, or any other, you can set the search engine to look for a specific filetype via its advanced search options. Alter Users’ Default Search Engine Apart from the fact that the ViewPDF add-on does not offer any unique tools, it may also meddle with your Web browser settings. This is shady behavior that should not be tolerated....

Posted on January 30, 2020 in Potentially Unwanted Programs

Newscoder7.com

The Newscoder7.com website appears to be a page that hosts news articles regarding recent events. However, this shady site does not contain any valuable content. The purpose of the Newscoder7.com site is not to inform its visitors about the latest news, but to hijack their Web browser notifications. Uses Web Browser Notifications to Promote Shady Content The Newscoder7.com website is neither the first, nor the last of this kind. Countless shady operators online opt to build fraudulent pages whose only goal is to convince the user to allow them to display Web browser notifications. One of the tricks used by this dodgy page is to present the user with a fake prompt that appears to be loading media. Next, an alert would appear on the visitor’s screen, and they will be asked to click the ‘Allow’ button to proceed. This may not seem a...

Posted on January 30, 2020 in Browser Hijackers

Npsg Ransomware

In 2019 the most active ransomware family was undoubtedly the STOP Ransomware family. Malware analysts had spotted over two hundred variants of this pest released in 2019 alone. It would seem that even in 2020, cyber crooks have not lost interest in the STOP Ransomware family as more and more copies are emerging. Among the newest variants of this threat is the Npsg Ransomware. Propagation and Encryption Most authors of ransomware rely on several commonly utilized infection vectors – spam emails containing macro-laced attachments, fake pirated copies of popular applications and media, malvertising campaigns, bogus software updates, and downloads, etc. It is likely that the authors of the Npsg Ransomware have opted to use one or several of these propagation methods to spread their data-locking Trojan. The Npsg Ransomware likely targets a...

Posted on January 30, 2020 in Ransomware

Nodera Ransomware

Most authors of ransomware are not very creative. They often use the code of already established threats and barely apply any modifications to it. However, this is not what is going on with the Nodera Ransomware. This brand-new data-locking Trojan is written in the Node.js programming language – a very unusual approach. It is likely that the authors of the Nodera Ransomware have built this file-encrypting Trojan from scratch. Propagation and Encryption It is not yet known what propagation method is employed in the spreading of the Nodera Ransomware. Some experts believe that the attackers might have utilized spam emails to distribute this Trojan. The targeted user would receive an email that appears to be sent by a legitimate company or a government body. The email contains a fake message and a macro-laced attachment. The goal of...

Posted on January 30, 2020 in Ransomware

$$$ Ransomware

A new data-encrypting Trojan has emerged recently. The name of this new threat is $$$ Ransomware. As we can see by the name, the authors of the $$$ Ransomware are not hiding exactly what they are after – cash. Like the majority of ransomware threats, the $$$ Ransomware will make sure to encrypt all the data present on the compromised system including documents, images, videos, spreadsheets, presentations, audio files, databases, archives, etc. Often, authors of ransomware threats claim that the victim's data can only be restored with the decryption key they possess, but this is not always true. Propagation and Encryption Malware analysts have not yet pinpointed the exact infection vector involved in the spreading of the $$$ Ransomware. Spam emails are a likely candidate, as this is one of the most common propagation methods used by...

Posted on January 29, 2020 in Ransomware

EnCiPhErEd Ransomware

Many creators of ransomware threats opt to take the easy route and base their threatening products on already existing, and often well-established, data-locking Trojans. This appears to be what the creators of the newly uncovered EnCiPhErEd Ransomware did. The authors of this nasty Trojan have based their creation on the Xorist Ransomware. Taking this approach saves the cyber crooks a lot of time and effort, which is why it is so popular in the world of cybercrime. Propagation and Encryption The most commonly utilized infection vector, in regards to ransomware threats, is spam email campaigns. The attackers would target a large number of unsuspecting users who would receive an email that claims to be sent by a government body or a well-regarded company. Usually, the email contains a fake attachment and a bogus message that...

Posted on January 29, 2020 in Ransomware

'IFC Global Development Funding Program' Email Scam

One of the newest email tactics is known as the 'IFC Global Development Funding Program' email scam. This fraudulent scheme has been around since the dawn of the Internet, and countless users have fallen victim to online schemes. The Email Claims the User can Receive Up to $1,500,000 The 'IFC Global Development Funding Program' email scam appears to target users at random. The targeted users would receive an email stating that they are approved for a supposed fund, as the message is titled 'IFC Fund Approved.' The con-artists go on to say that the users have been the lucky ones selected from millions of others and they are eligible to receive a fund of up to $1,500,000 from a program called the 'IFC Global Development Funding Program.' Many users, even ones who may suspect something may not be right, might be tempted to follow the...

Posted on January 29, 2020 in Adware

Sciencedaily.news

The Sciencedaily.news page is yet another website that hosts no content of meaning or value. Fake pages like the Sciencedaily.news site serve one purpose only - to convince the visitor to authorize them to display Web browser notifications. Spams Users with Unwanted Advertisements The Sciencedaily.news website is likely tricking users into visiting their website by posing as an informative page that would contain interesting news from the world of science. However, this is certainly not the case, and the Sciencedaily.news page does not contain any valuable information or features. As soon as a visitor opens the Sciencedaily.news site, they will be asked to allow the site to display notifications in their Web browser. Genuine Web pages can provide useful notifications for their users, but bogus sites like the...

Posted on January 29, 2020 in Browser Hijackers