Potentially Unwanted Programs (PUPs) may often pose as useful browser add-ons that are meant to introduce valuable features to your Web browser. For example, the PUP ConvertItSearch promises to help users convert audio, video and documents from one format to another. This probably sounds like a handy tool, but the truth about ConvertItSearch is very different. When this extension is installed, it will replace the Web browser's default new tab page with Portal.convertitsearch.com immediately,...

The authors of the Exorcist Ransomware were not happy with the state of their file-locker apparently, and they decided to release a second version, which is supposed to include various improvements. The threat, called Exorcist 2.0 Ransomware conveniently, is able to lock a wide variety of files. Once the Exorcist 2.0 Ransomware takes a file hostage, it will append a new extension to its name. This version of the malware appears to generate a random victim ID that will be used in the names of...

The Mount Locker Ransomware is a file-locking Trojan whose campaigns target corporate networks. Attackers deploying this threat may, in addition to encrypting the victim's files, steal data for leaking to the public in unpaid ransom scenarios. Users still should avoid paying, if practical, and recover from any backups after removing the Mount Locker Ransomware with professional anti-malware tools. By itself, blocking files isn't always enough leverage for twisting victims into doing what...

Ekamarkable.club is a Web page that uses misleading pop-ups and warnings to trick visitors into granting it escalated permissions. Thankfully, Ekamarkable.club does not try to abuse this to cause harm and, instead, it has a straightforward request – it wants to gain access to the Web browser's push notifications. Ekamarkable.club does this by displaying pop-ups, which say that the user has to click 'Allow' to attest that they are not robots. However, it does not tell users that they will...

Fastklick.biz is a misleading site that pretends to host a file that the user might be interested in downloading. By abusing Black Hat Search Engine Optimization (SEO) practices, the Fastklick.biz website may appear on top of other search results when looking for specific files such as pirated movies, game cracks, software activators, etc. Whenever the users follow Fastklick.biz's link, they may see a prompt asking them to click 'Allow' to proceed with the download of their files. However,...

Anti-robot and human verification checks are very common on the Internet, but did you know that not all of them are credible? If an unknown website asks you to click 'Allow' to confirm that you are not a robot, then you should make sure to check the instructions carefully. There are hundreds of such pages set up with the sole purpose of displaying bogus instructions whose main goal is to trick the visitor into subscribing to the page's notifications. One of these websites is Jioer.pro, and...

Somenewsabout.com is a fake website that has been set up with the purpose of hijacking the browser notifications of visitors. Somenewsabout.com does this by displaying a fake prompt, telling the user to 'Press the Allow button to continue.' Complying with this innocent request may have some negative consequences for the user. This is because the 'Allow' button will end up subscribing them to the Somenewsabout.com notifications. When this change happens, the user's Web browser will be...

macOS users continue to be bothered by low-effort Potentially Unwanted Programs (PUPs) and adware that cause all cause of minor issues. The AnalyzerSkill is one of the latest PUPs to be added to the lengthy list of intrusive software for the macOS, and you do not want to have to deal with it indeed. While AnalyzerSkill is not unsafe, it may bring unwanted changes to your Web browser by replacing your search engine and default new tab page. Often, PUPs of this sort refer users to 3rd-party...

The TRAPGET Ransomware is a file-locking Trojan that's part of the Russian NEFILIM Ransomware family. The TRAPGET Ransomware attacks may compromise business entities preferentially and hold their servers' files for ransom by encrypting them. Users with backups have alternative recovery possibilities, and most Windows anti-malware services should delete the TRAPGET Ransomware after automatic detection. Hackers may come from anywhere, but Russian dark Web resources have a close connection...

The CRPTD Ransomware is a file-locking Trojan that blocks media files and holds them hostage by encrypting them. The CRPTD Ransomware also creates ransom notes using a previously-known HTA template that sells the victims a possible unlocking service. Most updated anti-malware products should thwart infection attempts or uninstall the CRPTD Ransomware, and traditional backup practices can assist with inexpensive data recovery. Not all file-locking Trojans have a definitive lineage. Such...

OldGremlin is a threat actor specializing in compromising corporate entities' servers and encrypting their files for ransoms. This group uses highly-sophisticated social engineering lures that can include convincing, industry-specific details, and a back-and-forth messaging focus over weeks or months. Businesses should continue protecting their servers with appropriate backup practices and security protocols and have their anti-malware products isolate and remove threats from OldGremlin as...

The Alien Malware is spyware that collects confidential information from Android devices. As an upgrade of the previous Cerberus spyware, it keeps that threat's features and adds new ones and may block the device or provide a backdoor for attackers. Users should protect their devices with compatible anti-malware services for removing the Alien Malware as soon as possible and change compromised passwords and other credentials without delay. The powerful symbol of a phoenix burning to...

The 'Please press Allow continuing' pop-ups have become one of the favorite tools that online fraudsters use to access your browser's notifications. Many people are eager to continue browsing, and they do not think twice about pressing the button that these pop-ups ask them to interact with. Tons of websites distribute such fraudulent messages, and Lomurdened.club is just one of the hundreds of websites that do this. Users who stumble upon Lomurdened.club's pop-ups may be told that they need...

If your Web browser notifications have been hijacked by News-gg.com, then you most likely see dozens of unwanted browser notifications every time you try to browse your favorite website. Despite what News-gg.com's name implies, you can rest assured that this website has nothing to do with the latest news and updates from around the world – instead, its sole purpose is to deliver advertisements to you. The News-gg.com notifications do not possess content that you should trust or interact...

Yishowever.club is a fraudulent page that has one only purpose – to gain access to your Web browser's notifications by using misleading instructions and messages. According to Yishowever.club, users can continue to browse the Web, only if they confirm that they are not robots by clicking 'Allow' on the prompt shown to them. However, the 'Allow' button that Yishowever.club asks you to click is not related to your Web browsing experience and, instead, it is meant to grant the page permissions...

HDSportsSearchs is a browser extension whose installation may bring unforeseen changes to your Web browser's settings. This is not a harmful application by any means, but you should certainly not allow it to run on your computer because of the unwanted changes it brings. This tool is classified as a Potentially Unwanted Program (PUP), and you are unlikely to experience any trouble with it if you are keeping your system protected by a suitable security tool. The changes that HDSportsSearchs...

Mac users are not immune to non-trustworthy software that brings undesired changes to their system's configuration and behavior. In fact, we have seen a rapid increase in the number of Potentially Unwanted Programs (PUPs) and adware that target macOS computers exclusively. There are hundreds of these shady applications circulating online, and it is a matter of time to encounter one of them. It is best to be prepared for this moment by keeping your Mac device protected by a suitable...

The Gvlbsjz Ransomware is a file-locking Trojan that keeps digital media files from opening by encrypting them. As part of the Snatch Ransomware family, it also generates text ransom note typical for that family's template, which provides data-unlocking services for an unknown price via e-mail. Users should withhold ransoms, if possible, have their anti-malware solution remove the Gvlbsjz Ransomware and use a backup for recovery. A new threat, the Gvlbsjz Ransomware, is reasonably...

A new infostealer coded in C# is being promoted among Russian cybercrime forums. The threat, dubbed the MoistStealer Malware, is being sold at very low prices starting from 499 Rubles or about $6.50. Needless to say, the low price tag allows any cybercriminal to grab a copy of the MoistStealer Malware and start using it against their selected targets. The threat is quite functional despite its affordable price. According to the author, customers will gain access to their victim's browser...

Remote Access Trojans (RATs) are amidst the most threatening malware types because of their ability to give a remote attacker full access to the infected computer. This malware often is being spread via torrent trackers, fake downloads, bogus email attachments, and other content that users are likely to find in non-trustworthy websites. A relatively unknown RAT has been detected online recently, and it has been given the name DuckRAT. The threat appears to have been around for over two...