The VAGGEN Ransomware is a file-locking Trojan that blocks media such as documents through encrypting it. Symptoms that accompany its attacks include ransom notes, hijacked desktop backgrounds, new extensions and pop-ups. Users should always invest in backups to maintain a recovery solution against data encryptors and traditional PC security products that should flag and delete the VAGGEN Ransomware. A file-locking Trojan that's asking for under a hundred USD in ransoms might be another...

The Consciousness Ransomware is a file-wiping Trojan that encrypts files without saving the recovery password. It may disguise itself as a Windows background service and delivers ransom notes to victims, despite being incapable of unlocking media. Users should back files up to other devices for ensuring their safety and let their dedicated cyber-security tools remove the Consciousness Ransomware. File-locking Trojans depend on the supposed authenticity of their decryption services for...

The Ironcat Ransomware is a file-locking Trojan developed for testing cyber-security in controlled environments initially. Due to its binaries' leaks to the public, victims may encounter it in the wild after threat actors distribute potentially-modified versions automatically. Users should continue guarding their files with secure backups and have anti-malware services on-hand for the efficient removal of the Ironcat Ransomware. Although it's most notorious with the widespread abuse of...

RGDoor is a cleverly-designed backdoor Trojan, which was discovered on multiple networks belonging to companies and organizations in the Middle East. The backdoor works by targeting the Microsoft's Internet Information Services (IIS) webserver software compatible with various versions of the Windows operating system. Cybersecurity experts suspect that the RGDoor is not the primary tool the attackers use when they take over a network and, instead, it is meant to work as a backup plan in case...

The MessedUp Ransomware is a file-locking Trojan that's part of Phobos Ransomware's family. The MessedUp Ransomware can block your media files through encrypting them, an attack that's secure against third-party solutions, thanks to a private key. Users should maintain their backups for protecting any work from these attacks, although standard security products should remove the MessedUp Ransomware upon detection immediately. A Trojan with the vague name of 'Fast.exe' is launching a...

Being interrupted by unwanted advertisements is always an annoying experience, and websites like Diokle.pro may try to do this all the time. However, to achieve this, they need to gain your permission to use your Web browser's notifications. The website tries to do this with misleading prompts and messages that you may encounter via online advertisements. Diokle.pro's pages say that users need to click 'Allow' to confirm they are not robots or continue their browsing session. However, if the...

Revoluciondron.com is a bogus page that wants to use your browser notifications. However, it does not want you to know this – this is why it relies on misleading instructions to trick you into granting it the permissions it needs to display notifications. The Revoluciondron.com website is designed to show pop-ups saying that users need to click 'Allow' to continue browsing, accompanied by a black screen. Many users might not think twice about following the instructions, but they will end up...

Houstontexansteamstore.com is a fake Web page that wants to hijack your Web browser's notifications by tricking you into granting it the permissions it needs to display notifications. The 'tactic' that Houstontexansteamstore.com uses is very basic – it tells visitors to click the 'Allow' button on top of their screen to continue browsing. However, users who opt to follow this instruction will end up permitting Houstontexansteamstore.com's notifications in their Web browser. Once...

Gamblingday.xyz is a misleading page that uses a new trick to hijack the browser's notifications. Whenever a user lands on Gamblingday.xyz, they will be told that their browser cannot play a specific video because it has been configured to block video auto-play. According to Gamblingday.xyz's message, users can change this by pressing the 'Allow' button shown on top of their screen. However, the prompt linked to the 'Allow' button serves a different purpose – it enables Gamblingday.xyz's...

Search-queen.com is a Web page hosting a simple search engine accompanied by quick links to popular online Web destinations like eBay, Amazon, Twitter and others. The website does not exhibit suspicious behavior, but it is linked to a Potentially Unwanted Program (PUP) titled 'Search Queen.' This software is designed to hijack a Web browser's settings and replace the default new tab page and search engine with 'Search-queen.com.' While this is not harmful, it is an intrusive and annoying...

The Easy2Lock Ransomware is a file-locking Trojan and a possible update of the WastedLocker Ransomware. The Easy2Lock Ransomware can stop users' files from opening by encrypting their data and delete local backups, for holding them as hostages. Effective non-local backup management can weaken the impact of infections, and competent cyber-security tools should remove the Easy2Lock Ransomware after flagging it as a threat. The Trojan-deploying strategies of the Evil Corp gang (AKA Dridex)...

IXWare is a piece of malware whose authors are selling it via online forums, which aim to hacking different multiplayer games like Roblox. The latter is IXWare's exact target, but the malware has more features than hijacking Roblox players' authentication tokens. It also can work as a cookie collector, as well as an information collector, which specializes in hijacking the databases used by Chromium-based Web browsers. The malware-as-a-Service (MaaS) concept that IXWare's creators use is very...

The Vizom Malware is a banking Trojan that includes a RAT, or Remote Access Trojan, component for controlling the infected computer. The Vizom Malware may display fake Web browser overlays that imitate Web pages for collecting passwords and other credentials bank account credentials. Brazilian Windows users should continue protecting themselves with appropriate cyber-security products for removing the Vizom Malware as soon as possible and change passwords immediately after resolving any...

If your Web browsing is interrupted by notifications from Lodder.info, you probably have fallen victim to a very basic tactic. The page at Lodder.info hosts fake pop-ups saying users need to click 'Allow' to confirm they are not robots to continue to the next page. However, the truth is that by performing this action, you will subscribe to Lodder.info's notifications and enable them in your browser. Thanks to this simple change, Lodder.info will gain the ability to flood your Web browser with...

Enerateok.top is a website that abuses fake pop-ups and warnings to mislead its visitors into believing they need to pass an anti-robot check to keep browsing. According to Enerateok.top's messages, users have to click the 'Allow' button to confirm they are real persons and unlock the next page. However, once the button is clicked, users will end up enabling Enerateok.top's ability to use browser notifications. While the Enerateok.top website does not have harmful intent, it can be very...

Nownersac.top is a fraudulent page that tries to hijack browser notifications with the use of fake prompts and messages. Visitors of Nownersac.top are often told that they need to select the 'Allow' button to confirm they are real persons and not robots. However, performing this action will end up subscribing them to Nownersac.top's notifications. This change is not harmful, but it can be rather annoying because Nownersac.top will abuse your browser notifications to deliver as many...

The Encrp Ransomware is a file-locking Trojan without a related family. The Encrp Ransomware encrypts media on the PC for blocking them until the victim pays its ransom of two hundred USD in Bitcoins. Proper backup maintenance can help with data recovery significantly. However, Windows users under the protection of competent security services should delete the Encrp Ransomware without allowing it a window of opportunity for its attacks. While there are examples of file-locking Trojans...

The Efji Ransomware is a file-locking Trojan that comes from the Ransomware-as-a-Service family, STOP Ransomware. The Efji Ransomware blocks media files on Windows PCs, may delete backups or block websites and delivers ransom notes for selling its file-recovery help. Users with protected backups can recover for free after deleting the Efji Ransomware through credible security solutions. Rotating extension usage is a hallmark of a Ransomware-as-a-Service, consisting of dozens, hundreds,...

The FakeMBAM Backdoor is a backdoor Trojan that provides attackers with remote access, which it leverages for running cryptocurrency-mining tools currently. This Trojan's campaign abuses self-updating features in ad-blocking add-ons and a torrent manager for achieving installations without notifying the user. Users should remove all compromised software, delete the FakeMBAM Backdoor through anti-malware services, and check their Windows Defender settings for unwanted changes. Strong...

The MaMoCrypt Ransomware is a file-locking Trojan that blocks your PC's digital media files, such as documents, according to their formats and locations. The Trojan also solicits a ransom through a text file, although users can avail themselves of other recovery solutions, including a freeware decryptor. Anti-malware services from most professional PC security companies should eliminate the MaMoCrypt Ransomware promptly, both before the installation and afterward. File-locking Trojans...