Artingcautif.top

Posted: November 13, 2020 | Category: Browser Hijackers
Artingcautif.top is a bogus page that tries to tell you that you can only continue browsing if you verify your identity by pressing the 'Allow' button. According to the website, this action is mandatory to confirm that you are not a robot. However, users who end up trusting Artingcautif.top will enable Artingcautif.top's notifications in their Web browser unknowingly. There are many deceptive sites that follow the same strategy to gain permission to use browser notifications and then abuse...

Ulgeddond.top

Posted: November 13, 2020 | Category: Browser Hijackers
The Ulgeddond.top pop-ups are a trick that online con artists use to hijack the users' Web browser notifications. The Ulgeddond.top page tries to achieve this by displaying a false message saying that the users have to click 'Allow' to confirm that they are not robots and continue browsing. However, Ulgeddond.top has nothing to do with anti-robot checks and, instead, it just relies on misleading instructions to gain the ability to abuse browser notifications. Users who fall for...

Click-to-continue.network

Posted: November 13, 2020 | Category: Browser Hijackers
Click-to-continue.network is a website trying to trick its visitors into enabling this page's notifications in their browser. It tries to do this by displaying fake instructions that try to convince visitors that they need to verify their identity by clicking the 'Allow' button. However, users who perform this action will end up having to see dozens of Click-to-continue.network notifications every few minutes. Needless to say, this is not an enjoyable experience, especially because of...

'Transcrop Bank' Email Virus

Posted: November 13, 2020 | Category: Adware
Phishing emails are among the favorite strategies that both cybercriminals and online con artists use to get their potential victims engaged with unsafe content. A newly identified spam campaign is being used to spread the Agent Tesla RAT, and it is being referred to as the 'Transcrop Bank' email virus. As the name suggests, the campaign is targeted towards the Transcrop Bank clients, but it is possible that the criminals might accidentally send the email to clients of other banks too. The...

Bepabepababy Ransomware

Posted: November 13, 2020 | Category: Ransomware
The Bepabepababy Ransomware is a file-locking Trojan from the Globe Imposter Ransomware family. The Bepabepababy Ransomware may stop files from opening by encrypting them, add secondary extensions to their names, and create HTML ransom notes (similar to those of the Globe Ransomware). Users with backups on other devices should recover quickly, and most PC security products should block or delete the Bepabepababy Ransomware. A spin-off of the Globe Imposter Ransomware, the...

YAYA Ransomware

Posted: November 13, 2020 | Category: Ransomware
The YAYA Ransomware is a file-locker Trojan that's from the Globe Imposter Ransomware family. The YAYA Ransomware can block documents, pictures, and other media by encrypting the files' internal data and may delete backups, change extensions or drop ransom notes. Users should have suitably-secure backups for recovering any content and let dedicated security solutions remove the YAYA Ransomware. The Globe Imposter Ransomware family (also stylized as 'GlobeImposter Ransomware') has had a...

ModPipe Malware

Posted: November 13, 2020 | Category: Malware
The ModPipe Malware is a threatening project, whose targets are Point-of-Sale (PoS) devices used in the hospitality sector primarily. Often, PoS malware goes after countries with laxer security measures, but the ModPipe Malware's authors appear to go after major targets – their malware appears to look for devices loaded with the Oracle Micros Restaurant Enterprise Series (RES) 3700 software. The latter software package is especially popular among hotels and restaurants operating in the United...

CostaBricks

Posted: November 13, 2020 | Category: Trojans
CostaBricks is a Trojan loader that works in a very peculiar way. Cybersecurity experts believe that the CostaBricks Trojan is being used by an Advanced Persistent Threat (APT) group known as CostaRicto exclusively. The criminals are believed to work for the highest bidders, and they belong to the category known as 'hackers-for-hire.' The CostaBricks is by no means a simple project, and its complex nature is proof that the CostaRicto APT members are not just skilled and experienced, but they...

CostaRicto APT

Posted: November 13, 2020 | Category: Advanced Persistent Threat (APT)
CostaRicto APT is a suspected criminal organization that is likely to work with clients from all around the world, as long as they can afford their services. This Advanced Persistent Threat (APT) group has been active for over a year, but their toolset and campaigns have been observed over the past six months thoroughly. So far, the CostaRicto APT has managed to reach networks worldwide, but the majority of their victims appear to be situated in Southeast Asia. However, remnants of...

SombRAT

Posted: November 13, 2020 | Category: Remote Administration Tools
Hackers-for-hire groups have become a very profitable venture for cybercriminals who have the ability to penetrate the security of various networks around the world. Usually, these groups boast a well-developed arsenal of tools thanks to the fact that they can rely on the money of their clients. One of the recent groups believed to take part in such activity is called CostaRicto. Its campaigns have been monitored for over six months, but malware researchers believe that the CostaRicto APT...

Check-me.online

Posted: November 12, 2020 | Category: Browser Hijackers
Check-me.online is a page that pretends to ask its visitors to confirm they are not robots. However, it asks them to do this by pressing the 'Allow' button shown on top of their screen – an action that is meant to subscribe users to Check-me.online's notifications. If you pay close attention to the text on your screen, you are unlikely to fall for Check-me.online's petty tactic. Unfortunately, many users end up following the instructions blindly, and they subscribe to Check-me.online's...

Livefeedlab.com

Posted: November 12, 2020 | Category: Browser Hijackers
Livefeedlab.com is a misleading site promising to give you access to entertaining content, but its true goal is to hijack your browser notifications. Of course, the website wants to do this silently, and this is why it may display deceptive prompts asking you to click 'Allow' to continue watching a video. However, completing this simple task will end up enabling Livefeedlab.com's notifications in your browser. Because of this change, the page will be able to abuse your Web browser...

System-scanning.xyz

Posted: November 12, 2020 | Category: Browser Hijackers
System-scanning.xyz is a deceptive site that uses fake reports from antivirus software to lure its visitors into falling for a complicated tactic aiming to take their money. Usually, the fraudsters behind sites like System-scanning.xyz monetize their operation by asking the victim to pay for expensive software or services or by redirecting them to a phishing website. It is not clear what option System-scanning.xyz uses, but you can rest assured that there is no reliable information to be...

Sext Ransomware

Posted: November 12, 2020 | Category: Ransomware
The Sext Ransomware is a file-locking Trojan that's a variant of the Bondy Ransomware's family. All previous features remain in evidence in this update, including blocking files with encryption and holding them as hostages for ransoms. Users should back their work up to secure storage devices for preventing this extortion and let their preferred anti-malware and security services identify and remove the Sext Ransomware. One more member of the Bondy Ransomware family arrives to keep...

Howareyou Ransomware

Posted: November 12, 2020 | Category: Ransomware
The Howareyou Ransomware is a file-locking Trojan that stops media files from opening by converting them with encryption. When possible, users should ignore its text ransom note and restore data from their latest backups after disinfecting their PCs. Most Windows anti-malware solutions will identify and delete the Howareyou Ransomware before an attack. Another peak of Trojan engineering is showing plans of blocking files for money, with unmistakable similarities to old attacks. Malware...

Dusk Ransomware

Posted: November 12, 2020 | Category: Ransomware
The Dusk Ransomware is a file-locking Trojan that can block media files on Windows PCs. The Dusk Ransomware uses a currently-secure version of RSA encryption for this attack, keeping documents, pictures, and similar content from opening indefinitely. All users should have backups for protecting their work and let dedicated security solutions remove the Dusk Ransomware as appropriate. Those left sleeping on security for their PCs have another problem worth contending with through backups:...

Killua Backdoor

Posted: November 12, 2020 | Category: Backdoors
The Killua Backdoor is a threatening implant that was used in a large-scale cyberattack against Kuwait-based organizations and businesses, which spanned for several months in 2019. The malware was used in combination with other threatening implants like the Hisoka Malware, the EYE Malware, and xHunt frequently. According to malware experts, the Killua Backdoor shares many resemblances with the Hisoka malware in terms of functionality, but it appears to be a slightly newer project....

Gon Malware

Posted: November 12, 2020 | Category: Malware
Samples of the Gon Malware were first discovered in May 2019 when the implant was identified on Kuwait-based companies and businesses' networks. The threat is believed to be used in combination with other prominent malware families targeting the region – xHunt and Hisoka. Cybersecurity researchers believe that the same group of criminals is responsible for the development of the Gon Malware and the Hisoka Malware due to massive overlaps in their source code and functions. The Gon...

EYE Malware

Posted: November 12, 2020 | Category: Malware
The EYE Malware is programmed to look for specific activities – RDP logins, opened files, executed applications and entries in the Windows Event Viewer. The EYE Malware is a hacking tool artifact discovered on computers infiltrated by the xHunt and Hisoka malware families previously. Cybersecurity experts suspect that the attackers were relying on the EYE Malware to act as a failsafe, which is meant to eradicate all leftover files and processes that can be traced back to the...

SaveFrom.net

Posted: November 11, 2020 | Category: Browser Hijackers
Savefrom.net is a website that you may come across while looking for a free way to download videos from YouTube. While the Savefrom.net page does support this feature, it also is known to expose its visitors to intrusive advertisements and offers to install Potentially Unwanted Programs (PUPs), adware or browser hijackers. While using Savefrom.net is somewhat safe, you should not consider downloading any of the software it promotes. Users who try to use the 'Download from YouTube' feature may...