The Jwjs Ransomware is a file-locking Trojan without a currently identifiable family. The Jwjs Ransomware blocks the user's digital media, such as documents, and holds it captive while waiting on a ransom. Users should have backups on secondary devices for a fast recovery and anti-malware applications to automatically flag and remove the Jwjs Ransomware. Even though it borrows a ransom note that families like the Globe Ransomware , the Globe Imposter Ransomware , and even old versions of...

Cobian RAT is a cyber threat that was first identified by malware researchers in 2017, but it has undergone significant updates since then. At first, the project was sold on underground hacking forums by the original author, and the situation has not changed much in the past three years – ads for the Cobian RAT are still circulating on boards frequented by cybercriminals. Any crook with a bit of money in their pocket can purchase a license and builder for Cobian RAT, and then use their...

FakeSpy is spyware for Android devices that collects multiple data types, including contacts, account credentials and financial information. FakeSpy usually infects victims through SMS messages and may disguise itself as a safe download such as a postal service application. Compatible anti-malware programs should safely delete FakeSpy, although users also should change passwords and take other precautions for re-securing their accounts. With its activities against victims under analysis...

Dozens of users have received fake emails titled 'Wacker – Customer Enquiry <RANDOM NUMBERS>' recently. The message is meant to look as if it was sent by a Wacker Chemie AG, a company operating in the chemical industry. However, they are not the entity behind these emails and, instead, the messages are being used to spread threatening software such as the NetWire RAT (Remote Access Trojan.) The recent campaign, called the 'Wacker' email virus, appears to target users worldwide, and it...

OnlinePrivacyManager Toolbar is a tool that promises great things when it comes to improving your online privacy and protecting your data from marketing teams who use it for targeted advertising. However, we assure you that installing OnlinePrivacyManager Toolbar is a bad idea, and it will not deliver on its promises. Another issue with OnlinePrivacyManager Toolbar is that it may modify your Web browser's configuration in a negative way by replacing your default new tab page and search...

Gichelfactice.info is a misleading website that may try to trick you into executing actions that you should not be performing, certainly. The good news is that the con artists behind the Gichelfactice.info tactic are not trying to lure you into downloading threatening software or visiting phishing pages and, instead, their goal is less harmful – they want to trick you into subscribing to the notifications of their website. This change does not sound like a major issue, but you should know...

Ustinctsretio.info is a fake page that tries very hard to convince visitors that they have to confirm to be a real person by pressing 'Allow' on the prompt shown on their screens. However, this prompt has nothing to do with robot checks, and its real purpose is to allow Ustinctsretio.info to show browser notifications. If you fall for this basic tactic and enable Ustinctsretio.info's notifications, your Web browsing experience will likely be much worse. This problem will be caused by the...

The VinDizelPux Ransomware is a file-locking Trojan that's from the MedusaLocker Ransomware family. Chief symptoms among infections include the data encryption that blocks different files from opening until the victim, at the attacker's behest, pays a ransom for a decryption service. Users with backups should recover quickly, and reliable anti-malware programs will prevent infections or uninstall the VinDizelPux Ransomware when relevant. The mythology-inspired  MedusaLocker Ransomware...

The Gyga Ransomware is a file-locker Trojan or a threat that encrypts your media files so that they can't open. Its attacks include traditional notes asking for ransoms for the criminal's recovery aid and other supporting features like deleting backups. A non-locally-saved backup can provide a smooth recovery process, and most anti-malware products can remove the Gyga Ransomware, like other members of its family. The lines between threat categories sometimes blur, as in the case of the...

The pain@onefinedstay.com' Ransomware is a file-locking Trojan from the Dharma Ransomware family. The pain@onefinedstay.com' Ransomware can stop digital media like documents from opening by encrypting them securely and demands a ransom for unlocking them. Users can protect themselves through twofold solutions involving general backup security and anti-malware tools for removing 'the pain@onefinedstay.com' Ransomware on sight. The RaaS Trojan sector's rent-based business is a well-known...

The Promethium APT or (Advanced Persistent Threat) is a threat actor that collects information, such as Word documents, from compromised systems. Its long-term campaigns imply state sponsorship and use sophisticated features such as digital certificates and layered Command & Control networks for guaranteeing access. Users should scan their software downloads for possible threats from this group and let anti-malware products remove the Promethium APT's Trojans on detection. The threat...

StrongPity is spyware that collects information from Windows systems. StrongPity may disable various security features as part of its mission, which emphasizes exfiltrating Microsoft Office files. Users should interact with new software downloads carefully for avoiding infections and let their anti-malware solutions remove StrongPity as soon as possible after an attack. The threat actor Promethium APT , wielder of spyware like FinSpy and, now, StrongPity, is showing an expansion of...

The EvilQuest Ransomware is a combination of file-locking Trojan, backdoor Trojan and spyware. The EvilQuest Ransomware infiltrates macOS systems, holds their files for ransom after encrypting them, and collects information and creates a backdoor for remote attackers. Users of macOS devices should protect themselves with robust anti-malware services for removing the EvilQuest Ransomware, and backups for compensating for any data encryption. Threats attacking Mac-brand environments are on a...

The 'Free Up Some Memory Urgently' pop-ups are fraudulent Web browser messages that you may see if you stumble across a shady website designed to promote online tactics. The 'Free Up Some Memory Urgently' pop-ups are designed to look like regular Windows warnings, and they may mislead users into thinking that this is a legitimate Windows alert easily. The message states that the users' computers are overloaded, and they must free up some memory immediately to prevent more serious problems...

Con artists often use misleading websites to display fraudulent alerts and warnings that aim to trick users into engaging with fraudulent content. One of the pages that employ such tricks is Onsiderivatej.info, but, thankfully, its ultimate goal is rather harmless – it wants to gain the ability to display notifications in your Web browser. It does this by displaying a fake prompt, which tells you to confirm that you are not a robot by pressing 'Allow.' However, opting to fulfill the request...

Newmode.biz is a website that uses a fake video player and loading animation to trick visitors into thinking that they have to allow a video playback by clicking a select button that says 'Allow.' However, if a user opts to follow the website's bogus instructions, they will end up allowing the page to use Web browser notifications. While this change is not a security threat, it may worsen your Web browsing experience drastically by guaranteeing that you will see loads of Newmode.biz...

My Smart Converter is a browser utility that is meant to serve as a neat file conversion tool that will be at your disposal whenever you browse the Web. However, there is a catch – the content that My Smart Converter offers is only found in your new tab page, and this is why My Smart Converter will demand permission to change your Web browser's default new tab to Mysmartconverter.com/newtab/v1. While this change is not a major problem, many users are unlikely to enjoy being forced to use an...

MyShortcutTab is a browser extension that we do not recommend installing because it may bring unwanted changes that will affect your Web browser's settings and behavior. Another reason why installing MyShortcutTab is a bad idea is because it is classified as a Potentially Unwanted Program (PUP) by multiple reputable security products – needless to say, this is more than enough proof to know that there is something fishy about this browser extension. Usually, browser add-ons are meant to...

SearchConverterHD is a tool that users may come across while searching for neat browser utilities to help them convert audio, video, documents or other files. However, installing the SearchConverterHD will not provide you with any unique features and, instead, it will apply undesired changes to your Web browser's settings by forcing you to use the new tab page Search-converterhd.com. On top of this, all Web searches you start through the address bar also will take you to...

Con artists continue to experiment with email tactics that usually follow the same pattern – they offer the recipients a great reward, and then trick them into sending money to the fraudsters, or providing them with a lot of information. One of the recent tactics to use such a trick is the '2020 EU/COMMONWEALTH LOTTO' email scam – its recipients appear to be both English-speaking and Portuguese-speaking users. The email claims that the recipient has been chosen to win $500,000 because of the...