Remote Access Trojans (RATs) are one of the most threatening tools in the arsenal of cybercriminals – they often allow the attacker to access all of the victim's files, and it also enables them to execute a wide variety of actions that may allow them to monitor conversations, collect login credentials, manage the system's configuration, collect financial information and more. One of the latest RATs to be seen in the wild is called the SamoRAT, and it does not appear to be based on any of the...

Quetumourne.club is a fake website that you may encounter accidentally since its contents are being promoted via shady online advertisements. Once Quetumourne.club is loaded, it may show a series of pop-ups, which tell you to confirm your identity by pressing 'Allow.' While this message may appear legitimate to many people, you can rest assured that following Quetumourne.club's instructions is a bad idea. While this page cannot cause any harm, clicking 'Allow' on the prompt it shows, will end...

The 'Your Device Was Not Properly Secured' email scam is a new fraudulent email message that hundreds of users worldwide have received since May 2020. The email usually contains one of the nicknames that the victim uses – a simple trick to make the threat appear more believable. The authors of the unsafe message claim to have gained access to the victim's computer via a Windows Trojan, and they state that they have collected a large amount of data from the victim. They provide a link that is...

The Storm Search is a browser extension that affects Windows users. It may pose as an add-on that can help you find more relevant results while searching the Web, but, in reality, it does no such thing. The only change that Storm Search introduces is replacing your default new tab page and search engine with Stormsearch.net. While there are no evil intentions behind this change, it may be difficult to revert it manually - Storm Search abuses Google Chrome's 'Managed by your organization'...

WebAdvancedSearch is a dubious program for Mac computers whose installation may often bring undesired side effects that usually impact Web browsers' performance. WebAdvancedSearch may be advertised as a product capable of enhancing your online searches, but, in reality, its sole purpose is to bring more traffic to websites affiliated with the website's creator – by doing so, they will generate more ad revenue. Needless to say, WebAdvancedSearch has no interest in being helpful, and it has...

The DPS Websafe is a Potentially Unwanted Program (PUP) whose name suggests that it will help you browse the Web safely and privately – unfortunately, the DPS Websafe does no such thing, and the only noticeable change that you will see when you install this application is that it will replace your Web browser's default search engine. While this is not a harmful change, it may make it more difficult to find reliable Web search results, and it may also increase the number of advertisements you...

The Total Mac Fixer is a program that works on Mac computers only. According to its creators and official website, the Total Mac Fixer is meant to help users free up space on the disk by eliminating unnecessary files, improve performance by fixing various issues, and protect the system from 'rogue software.' While the Total Mac Fixer does possess the ability to identify some unnecessary files and remove them, it is not nearly as helpful as it claims to be. Furthermore, the Total Mac Fixer may...

The FlyBox Ransomware is a file-locking Trojan that can encrypt your media files and keep them from opening in their associated programs. The FlyBox Ransomware generates interactive pop-ups for its ransom demands, which ask for Bitcoins in return for an unlocker. However, there are free options for recovery, in addition to traditional backups, and malware experts recommend ignoring the ransom while letting anti-malware services remove the FlyBox Ransomware. File-locking Trojans bank as...

The Pojie Ransomware is a Chinese file-locking Trojan that blocks your media and holds it for ransom. Besides including references to a reverse-engineering software site, it also may hide its executable as a picture or as Windows server software and targets Chinese speakers. Users should keep to the standard solutions of a secured backup for retrieving their files and anti-malware services for uninstalling the Pojie Ransomware. The self-declared 'I Love Cracks' Web forum of 52pojie.cn is...

PlusAbout is a Mac application that does not appear to have a variant for the Windows operating system. This is an application classified as a Potentially Unwanted Program (PUP) – it can apply unwanted changes to your system and browser settings. It may not be easy to remove manually. Users may end up with the PlusAbout on their Macs even though they do not recall accepting to install it – this is because the program is being spread via misleading instructions and promises, as well as with...

Laininvitableim.club is a website that engages in a fraudulent activity whose goal is to trick visitors into following fake instructions that will ultimately subscribe them to the notifications of Laininvitableim.club. While this change is not unsafe, you may experience unwanted problems because Laininvitableim.club will abuse your Web browser's notifications panel to flood you with undesired advertisements that often may promote questionable products, services, and Web pages. If you see...

The 'Server Notification' email scam is a new fraudulent email tactic that appears to lead its recipients to a phishing page that asks them to enter the details for their email account. This scheme's targets may be users of different email services – Gmail, Yahoo, Hotmail, etc. The message reads that the users have to provide an email recovery number to keep their inbox safe – it ends the message with a warning stating that the email inbox's contents may be lost if this action is not complete...

The flowEncryption Ransomware is a file-locking Trojan that can prevent media files such as documents from opening. Users should keep backups of their work for recovering without ransoms or data loss. Most Windows anti-malware programs should identify and delete the flowEncryption Ransomware and block standard drive-by-download exploits appropriately. When Trojans deviate from the expectations of their previous examples, there usually are reasons for it. With the newly-detected samples of...

The Aris Ransomware is a file-locking Trojan that can lock the user's media and hold it hostage until its threat actor receives a ransom. Because of the expense and dangers of ransom-based transactions, users should have backups in a non-local and secure location for recovering anything that this threat blocks. Anti-malware programs, also, should uninstall the Aris Ransomware and prevent most infection exploits. Alternately referring to itself as either 'ArisLocker' or 'Aris Locker,' the...

The IT Ransomware is a file-locking Trojan that includes attacks for encrypting digital media and locking the user's screen or desktop. Users should always have a backup to protect their files and use standard Windows recovery options for working around user interface-blocking attacks. Always use suitable anti-malware products for uninstalling the IT Ransomware or preventing infection attempts by traditional means such as document exploits. The iconic horror novelist, Stephen King, is just...

The Wholocked Ransomware is a file-locking Trojan that can capture your digital media files through encrypting them. Its symptoms include hijacking the user's desktop wallpaper, creating text ransom notes, and tagging the names of files with 'wholocked' extensions. As always, users should have backups secured for their recovery needs and delegate the removal of the Wholocked Ransomware to trusted anti-malware products. Independent versions of file-locking Trojans and smaller families are a...

The '.google File Extension' Ransomware, also known as GoGoogle Ransomware, is a file-locking Trojan that can encrypt your files so that they can't open. The '.google File Extension' Ransomware campaign targets unprotected Web servers preferentially but may harm any user's media, whether at home or in a work environment. Victims can recover with any available backup, along with anti-malware tools for guaranteeing the safe removal of the '.google File Extension' Ransomware. With campaigns...

Burstsearch.com is a basic search engine that does not appear to be related to any suspicious or harmful content. However, it may rely on some shady techniques to bring more users to the site, and boost its traffic – it appears to be linked to Potentially Unwanted Programs (PUPs) and browser hijackers that are dedicated to setting Burstsearch.com as your Web browser's default new tab page or search engine. Such behavior is not unsafe, but it is understandable why most users consider it to be...

The Zeromax Stealer is a new threat that is being sold on hacking forums by the program's original creators. Like many other malware developers, they have opted to sell their products instead of using them in their campaigns – this is a money-making trick that many malware authors use. Unfortunately, this makes high-quality hacking tools available to anyone who is willing to pay the price. According to Zeromax Stealer's author, the stealer is focused on harvesting data from online services...

Appearereque.club is a page that may cause some trouble if you do not spot the subtle tactics it runs. Thankfully, the tactic found on Appearereque.club is not an unsafe one, and falling for it will not have severe consequences – however, it will still be an annoying issue to experience. Appearereque.club's tactic is annoying because it aims to trick you into granting the Web page permission to use browser notifications – this change is not severe, but Appearereque.club will abuse this...