Konx Ransomware

Posted: November 18, 2020 | Category: Ransomware
The Konx Ransomware is a file-locking Trojan that's part of a family called Void Ransomware and VoidCrypt Ransomware. The Konx Ransomware can stop most files from opening by encrypting them using a method without any free solutions. Users should have backups for recovering any blocked files and designate appropriate security services for removing the Konx Ransomware installations. The small but up-and-coming family of Trojans VoidCrypt Ransomware (or Void Ransomware) maintains a...

CursedGrabber Malware

Posted: November 18, 2020 | Category: Malware
The Discord Malware continues to be a popular trend among cybercriminals. One of the most recent threats to fit the profile is called the CursedGrabber Malware, and it was discovered in the first week of November 2020. The threat was hosted on the public 'npm' registry. 'Npm' is a package manager for JavaScript and the frameworks associated with it. The file in question, dubbed xpc.js, packed a corrupted piece of code, meant to take over the Discord installation on the victim's machine. Upon...

Get-your.cash

Posted: November 17, 2020 | Category: Browser Hijackers
Get-your.cash is a Web page that displays deceptive content in an attempt to gain the ability to use your Web browser notifications. To achieve this, it needs to convince visitors to click the 'Allow' button shown on their screen. The con artists behind Get-your.cash have opted to use a fake anti-robot check to achieve this – they tell users that they must confirm that they are real persons by pressing 'Allow.' As soon as this action is completed, Get-your.cash gains the ability to use Web...

Mandistreet.top

Posted: November 17, 2020 | Category: Browser Hijackers
Mandistreet.top is a fraudulent page that is designed to hijack your Web browser notifications. Mandistreet.top tries to do this by displaying bogus pop-ups telling you to press 'Allow' to continue browsing. The page may claim that this action is mandatory to verify that you are not a robot, but you can rest assured that the purpose of the pop-up is different entirely. Users who click 'Allow' while browsing Mandistreet.top will end up subscribed to this website's notifications. The page...

Oc-protection.com

Posted: November 17, 2020 | Category: Mac Malware
Oc-protection.com is a fraudulent site set up to lure users of Apple devices into a harmful tactic. Oc-protection.com's contents may be promoted via online advertisements and pop-ups hosted on non-trustworthy websites. If your Apple device takes you to one of Oc-protection.com's pages, you may see false information telling you that your device has been infected by a Trojan or computer virus. The bogus messages make the situation sound very serious by warning you that the hackers behind...

Hunter Stealer

Posted: November 17, 2020 | Category: Malware
Russian malware developers continue to profit from their projects by selling them or renting them to other cybercriminals. The latest malware project to adopt this strategy is the Hunter Stealer. The first advertisements for it were published on the 25th of October, and the criminals are offering a limited, one-month version for 550 Rubles (around $7). The criminals also can spend 4000 Rubles (around $50) for a lifetime license. In return, the buyers get full access to the Hunter Stealer...

MUST Ransomware

Posted: November 17, 2020 | Category: Ransomware
The MUST Ransomware is a file-locking Trojan that's part of the long-running Ransomware-as-a-Service of the Dharma Ransomware. The MUST Ransomware can harm most media files by encrypting or 'locking' them and promotes a ransom-based recovery method in its instructional messages. Windows users can back their work up for safe restoration without paying and let their anti-malware services handle the removal of the MUST Ransomware. The name of what a user downloads may hide an identity, as...

Gcahvv Ransomware

Posted: November 17, 2020 | Category: Ransomware
The Gcahvv Ransomware is a file-locking Trojan that can keep the user's files hostage by encrypting them. As part of Snatch Ransomware's family, it's likely to target weakly-defended business entities but also may endanger users' data on home PCs. The availability of a secure backup is a prime factor for recovering from infections, although many PC security products should counter and delete the Gcahvv Ransomware. The Snatch Ransomware family may end up giving the STOP...

FunnyDream

Posted: November 17, 2020 | Category: Advanced Persistent Threat (APT)
FunnyDream is an APT (Advanced Persistent Threat) group that looks to target systems located in Southeast Asia. Among the countries targeted by FunnyDream, Taiwan, the Philippines, and Malaysia rank at the top. FunnyDream appears to focus on attacking government entities, but recent findings reveal that FunnyDream hackers have compromised over 200 systems across the Southeast Asia region. In compromising such systems, it is believed that FunnyDream may have made away with sensitive...

Epor Ransomware

Posted: November 17, 2020 | Category: Ransomware
The Epor Ransomware is a file-locking Trojan that's part of the STOP Ransomware's Ransomware-as-a-Service. The Epor Ransomware can block the user's media files by encrypting them, change extensions, and deliver ransom notes. All Windows users should back their files up for safekeeping and have appropriate PC security solutions for removing the Epor Ransomware. As Ransomware-as-a-Service activity continues thriving into November, much activity is visible from the already-established,...

CASHY200

Posted: November 17, 2020 | Category: Backdoors
The xHunt campaign targeted against Kuwait-based organizations and individuals continues to surprise malware researchers by revealing additional malware families that the perpetrators relied on. Just recently, malware experts came across an unidentified backdoor Trojan that appeared to reside on many of the computers that were previously infected by the xHunt malware. The backdoor, dubbed CASHY200, is PowerShell-based, and it relies heavily on DNS tunneling to contact the Command-and-Control...

CRAT

Posted: November 17, 2020 | Category: Remote Administration Tools
CRAT is the name of a threatening Remote Access Trojan (RAT) that is perfectly capable of causing mayhem on its own. However, recent updates to CRAT also have introduced a modular structure that allows its operators to extend its functionality by downloading and deploying plugins. In the past, the CRAT usage has been observed in the campaigns of the infamous Lazarus Advanced Persistent Threat (APT) actors, but it is likely that other cybercrime organizations also have access to the same...

1000-eur.cash

Posted: November 16, 2020 | Category: Browser Hijackers
1000-eur.cash is one of the many websites that online con artists use to hijack the browser notifications of random users. In the case of 1000-eur.cash, the website warns you that you must click 'Allow' to continue browsing and confirm that you are not a robot. However, performing this is not mandatory, regardless of what the page may tell you. Users who fall for the trick will subscribe to 1000-eur.cash's notification unknowingly, and enable them in their Web browser. While legitimate...

Stmasunwri.top

Posted: November 16, 2020 | Category: Browser Hijackers
Stmasunwri.top is a deceptive website designed to trick you into granting it the ability to use your Web browser's notifications. Thankfully, the website cannot do anything harmful with this feature. However, it can be quite a burden because of its ability to flood your Web browser with undesired and intrusive notifications with non-trustworthy content. The hijacking happens via misleading pop-ups asking you to confirm you are not a robot by pressing 'Allow.' However, doing this will not...

'Appleconnect.safellk.com' Pop-Up Scam

Posted: November 16, 2020 | Category: Mac Malware
Online con artists and cybercriminals often rely on misleading messages and warnings to get potential victims involved in their fraudulent schemes. One of the pages associated with such a strategy is Appleconnect.safellk.com. As you can assume by the name, this page's creators want it to sound as if it is affiliated with Apple. However, you can rest assured that the 'Appleconnect.safellk.com' pop-up scam has nothing to do with Apple's support team or security features. Instead, the pop-ups in...

Bigkick.biz

Posted: November 16, 2020 | Category: Browser Hijackers
Bigkick.biz is a fraudulent page that displays misleading messages meant to trick you into subscribing to its notifications. Of course, Bigkick.biz does not reveal its true intentions to its visitors. Instead, it informs them that they need to click 'Allow' to confirm they are not robots. However, this minor request is nothing more than a disguise for Bigkick.biz's attempt to hijack your browser notifications. Users who fall for the trick may end up having their Web browsing sessions...

SmartPDFConverterSearch

Posted: November 16, 2020 | Category: Potentially Unwanted Programs (PUPs)
SmartPDFConverterSearch is a browser add-on whose installation may be promoted by online advertisements and offers you see while visiting websites used to convert documents. However, installing SmartPDFConverterSearch is not recommended because this extension is classified as a Potentially Unwanted Program (PUP). Users who had to deal with SmartPDFConverterSearch before reported that it brought undesired changes to their Web browser's behavior and configuration. In many cases, these intrusive...

Vvoa Ransomware

Posted: November 16, 2020 | Category: Ransomware
The Vvoa Ransomware is a file-locking Trojan from the family of the STOP Ransomware, a global Ransomware-as-a-Service. The Vvoa Ransomware may block most files on infected PCs with encryption that is typically unbreakable by third parties. Proper backups on other devices and anti-malware services for removing the Vvoa Ransomware are both recommended for all Windows users. Although the STOP Ransomware is a family that can surprise some victims with its breadth of infection methods...

TroubleGrabber Malware

Posted: November 16, 2020 | Category: Malware
Users of the popular Discord platform were mercilessly targeted by the threatening AnarchyGrabber infostealer, which was released in the first months of 2020. Since then, many malware creators have experimented with different Discord-compatible malware similar to AnarchyGrabber. However, such malware may sometimes boast additional features. One of the latest threats to fit this profile is called the TroubleGrabber Malware. Interestingly, the authors of the TroubleGrabber Malware appear to be focused...

Jupyter Infostealer

Posted: November 16, 2020 | Category: Trojans
The Jupyter Infostealer is believed to be the product of Russian cybercriminals who are using the project in their own campaign, apparently. Often, malware creators prefer to sell infostealers to like-minded individuals, but the criminals behind the Jupyter Infostealer project are determined to keep their software private and continue to upgrade it gradually. The first samples of the Jupyter Infostealer were identified in fake binaries posing as installers for popular software. Another...