Cybercriminals often use tools that are meant to cause pure destruction and wreak havoc – these cases are rare. Still, we have seen plenty of examples where a cybercriminal was only interested in damaging the infected system as much as possible. Usually, the best way to cause such damage is to delete essential data that may render the system unusable. However, some cybercriminals go a step further and run a wiper malware that has been designed to prevent the infected system from being able to...

TerraStealer is a piece of malware that was advertised on hacker forums by a seller group known as Golden Chickens – they are believed to be the masterminds behind a large-scale Malware-as-a-Service (MaaS) operation used to supply high-profile cybercriminals with custom-built malware implants. The TerraStealer also is known under the names SONE or StealerOne. The first advertisements for it were published in 2017, and the implant has been involved in several large-scale campaigns since then....

Not all cybercriminals engage in sophisticated attacks against organizations and users worldwide. Some of them prefer to keep a low profile by developing malware and then renting it out to cybercrime organizations who are willing to use it – this is the exact strategy that a team of malware developers, known as Golden Chickens, have adopted. They own an impressive arsenal of hacking tools that other cybercriminals can rent and use in their attacks. This Malware-as-a-Service (MaaS) scheme has...

Z6airr.com is a website associated with Potentially Unwanted Programs (PUPs) compatible with Mac systems. A software of this sort often may bring unsolicited changes when it is installed, and users might be unaware of how to reverse the unwanted changes. Z6airr.com, in particular, appears to be linked to several pieces of the Mac software that claim to offer valuable features when, in reality, their entire purpose is to redirect users to Z6airr.com whenever they perform certain actions in...

Safetytds.com is a shady website that is being promoted via aggressive online advertisements and pop-ups that may bother you if you often browse low-quality Web pages. The goal of Safetytds.com is to convince users that they need to complete a 'Human Verification' check that has some very simple instructions – users are told to click 'Allow' to complete the process. However, doing this, you will end up enabling Safetytds.com's notifications in your Web browser unknowingly. The consequences of...

Online con artists often rely on basic tactics that are executed with the help of misleading alerts, warnings or messages. One such tactic can be found on Rauwoukauki.com – a page that appears to be dedicated to informing visitors that they need to pass a 'Human Verification' check. According to the page's instructions, completing this check is very easy – you just need to click 'Allow' on the prompt shown on your screen. However, the prompt that Rauwoukauki.com displays has nothing to do...

Phaidraiph.com is an intrusive website whose only contents are dedicated to running a simple tactic that has as its main goal is to hijack your Web browser's push notifications. The website will abuse these permissions to deliver paid advertisements to your browser whenever you try to use it – these advertisements may lead you to other shady content, so it is recommended to stay away from the Web destinations they promote. Thankfully, Phaidraiph.com cannot harm you by hijacking your...

Jecmibeshaw.com is a website that has the ability to abuse your browser notifications to deliver paid advertisements that generate revenue for the page's administrator. However, to abuse your browser notifications, Jecmibeshaw.com will need to get some permissions from you – the page tries to do this by displaying a fake prompt saying that you need to confirm that you are not a robot to continue browsing. However, if you end up agreeing to follow the prompt's instructions, you will end up...

ConnectedAnalog is the name of a troublesome application that Windows users do not need to worry about – this is because this software only runs on Mac systems. ConnectedAnalog is categorized as a Potentially Unwanted Program (PUP), and it is important to mention that it does not have an official website, download location or publisher. Instead, the program is being propagated via fake updaters and installers, software bundles or misleading advertisements. The good news is that installing...

The Xati Ransomware is a file-locking Trojan that's from the Dharma Ransomware or the Crysis Ransomware family. The Xati Ransomware stops files from opening by encrypting their data and holds the media hostage until the victim pays its ransom. Users should have robust backups for countering any infections and let their anti-malware service of preference remove the Xati Ransomware safely. With a steady rate of proliferation throughout the year, the Dharma Ransomware is next-and-next with...

The GET Ransomware is a file-locking Trojan that's part of the Dharma Ransomware family, a Ransomware-as-a-Service. The GET Ransomware can stop files from opening through encryption, change their names, delete some backups, and deliver ransom notes to the victim. Users with backups on other devices have protection from the encryption, and anti-malware products will block infections or uninstall the GET Ransomware. Due to the Dharma Ransomware family's numbers not tapering down, users can...

The Oonn Ransomware is a file-locking Trojan that's from STOP Ransomware's Ransomware-as-a-Service business. Like most RaaSes, it uses a (usually, secure) encryption routine for keeping users from opening their media files and drops a ransom note. Recovery through backups and anti-malware products for removing the Oonn Ransomware always is superior to paying its ransom. Whether it's called STOP Ransomware or Djvu Ransomware , according to two of its earliest campaigns, the...

The BitRansomware Ransomware is an independent file-locking Trojan that can stop media such as pictures and documents from opening on your computer. Users are best capable of avoiding permanent damage by having backups on sufficiently-secured devices. Most Windows anti-malware programs also can identify and delete the BitRansomware Ransomware by default. With little fanfare, a file-locker Trojan with advertising as a fresh Ransomware-as-a-Service appears on the dark Web. The BitRansomware...

The Makop Ransomware is a file-locking Trojan family that provides variants to third-party threat actors for a fee. Attackers then launch pseudo-custom campaigns for locking Windows users' media files with encryption and offering a ransom-based unlocking service. Users should protect any high-risk or valuable data with backups and have anti-malware services active for removing the Makop Ransomware members as soon as possible. With variants under analysis since April, the Makop Ransomware's...

The PDF Converter Search is not a good choice if you want to find a software that allows you to reshape documents to PDF and vice versa through your Web browser. There numerous websites that offer such services for free and without asking you to install 3rd-party tools. The PDF Converter Search, on the other hand, cannot be used unless it is installed on your computer. Furthermore, the PDF Converter Search has an impact on your Web browser's settings. As soon as it is installed, the PDF...

SectionIndexer is a Mac application that often poses as a useful addition to your list of helpful utilities. It iparamount to mention that this application does not have an official download location, website or publisher to reach out. Instead, it is spread entirely through software bundling, fake downloads, and false promises. If SectionIndexer is installed on a machine, it may modify your default Web browser's settings immediately so that it redirects you to 'SectionIndexer Search'...

Unsolicited paid advertisements have always been a profitable scheme for online con artists. For a long time, they relied on adware programs to give them the ability to deliver advertisements to the Web browsers of random users. However, nowadays, they can exploit integrated browser features to gain this ability – modern Web browsers allow users to subscribe to a website's notifications and updates. Usually, this is done to receive immediate updates about new articles, posts, events, etc....

Anticalser.club is a Web page that may ask you to confirm that you are not a robot as soon as you stumble upon it. Many users might think that Anticalser.club shows a legitimate prompt since 'human verification' checks are common online – however, we assure you that Anticalser.club is not linked to any anti-robot checks and measures. Instead, the page uses a basic trick to try and hijack your Web browser notifications – if you agree and its instructions, you will end up subscribing to its...

Abeforeign.club is a fraudulent and misleading page that tries to convince visitors that they cannot continue to browse unless they confirm that they are not robots by clicking the 'Allow' button shown on their screen. However, these instructions are false, and Abeforeign.club wants to trick you into clicking a button that will grant the page the permission to use Web browser notifications. Once the permissions have been granted, Abeforeign.club will abuse your browser notifications to...

Chartreuse Blur is a family of adware for Android devices. Its name comes from faking photo-blurring capabilities as an application, which it uses to convince users to install it from an application store, after which it displays unwanted advertisements. Users should remove Chartreuse Blur applications with compatible anti-malware products and pay attention to reviews for signs of a possibly-threatening download. How secure advertisement-delivering software can be is equally about the...