Ultra Tab Search

Posted: August 31, 2020 | Category: Potentially Unwanted Programs (PUPs)
Ultra Tab Search is a dubious browser extension whose sole goal is to bring traffic to a search engine titled 'Ultra Search.' The page in question will be set up as your browser's default new tab and search engine as soon as Ultra Tab Search is installed – often, the only way to reverse this change is to ensure the removal of the program that caused it in the first place. In the case of Ultra Tab Search, you can remove it by using a suitable PC security tool – this is possible because anti-virus products identify Ultra Tab Search as a Potentially Unwanted Program (PUP). If you think...

Foxy Search

Posted: August 31, 2020 | Category: Potentially Unwanted Programs (PUPs)
Foxy Search is an intrusive add-on for Google Chrome and Mozilla Firefox. It is likely to be advertised as a useful utility that can enhance your Web searching experience – however, users who install this extension may end up being severely disappointed with the changes it brings. It appears that the sole purpose of Foxy Search is to increase the traffic that the Web page found at Search.tryfoxy.com receives. This website hosts advertisements that generate revenue for Foxy Search's developers, and it works as a search engine. However, Search.tryfoxy.com should not be considered a reliable...

WSHLP Ransomware

Posted: August 31, 2020 | Category: Ransomware
The WSHLP Ransomware is a file-locking Trojan from the Ransomware-as-a-Service family, Dharma Ransomware. Victims of its attacks may see ransom notes, changes to files' extensions, and may not open their media, such as documents. Most anti-malware products will remove the WSHLP Ransomware, but safe backups are a frequently-mandatory solution for recovering data. Consistency between iterations, easy-to-use business models, and long-term maintenance are the hallmarks of Ransomware-as-a-Services. For Trojan families like the  Dharma Ransomware  (or the  Crysis Ransomware ,...

Proton Malware

Posted: August 31, 2020 | Category: Mac Malware
The Proton Malware is a backdoor Trojan and spyware, also known as Calisto. The Proton Malware targets Apple's old OS X operating system and provides attackers with admin control and collects passwords. Users should remove the Proton Malware and related threats through standard anti-malware services while cleaning up any infection side effects, such as passwords in non-secure text files. The Proton Malware is a semi-famous Trojan and spyware combination that got its notice from the cyber-security industry due to its innovative choice of infection methods and unusual demographics. Besides...

ApocalypseClipper Malware

Posted: August 28, 2020 | Category: Malware | Threat Level: 6/10
The ApocalypseClipper Malware is a small-sized cyber-threat that does not pack many features. Instead, it is meant to work as a clipboard hijacker that can be used to replace cryptocurrency wallet addresses with ones used by the threat's operators. Thanks to this functionality, the ApocalypseClipper Malware may be used to hijack cryptocurrency transfers by replacing the recipient's wallet silently when the victim tries to copy it. Such malware became a frequent occurrence with the rising popularity of cryptocurrency, and, unfortunately, it seems that malware developers have started to rent...

Etnessbr.pro

Posted: August 28, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Online tactics are evolving all the time, and one of the latest trends among fraudsters is to set up websites that have been designed with the sole purpose of hijacking your Web browser notifications. The websites used for the tactic need to gain permission to use your browser notifications so that they will be able to abuse the feature to deliver paid advertisements. A page that engages in such behavior is Etnessbr.pro - it displays fake prompts and messages, which say that you should click 'Allow' to confirm that you are not a robot and to continue browsing the Web. Falling for...

Smallenta.pro

Posted: August 28, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Smallenta.pro is a website that may be brought to your attention by intrusive online advertisements that are likely to be spawned by shady websites linked to the propagation of gambling services, adult videos and pirated content. If you encounter any of Smallenta.pro's prompts, you will be told to press 'Allow' to confirm that you are not a robot. This prompt may sound innocent, but you may end up experiencing some annoying issues if you end up accepting the offer. Smallenta.pro's prompt is meant to ask for your permission to allow the page to use notifications. If the page gets these...

Allfreshposts.com

Posted: August 28, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Allfreshposts.com is a Web page that uses fake instructions and prompts to trick you into subscribing to its notifications. Of course, no user would enable Allfreshposts.com's notifications knowingly, and this is why the website resorts to fraudulent practices to acquire the permissions it needs. When you open Allfreshposts.com, you may be prompted to press 'Allow' to continue browsing. If you complete this action, Allfreshposts.com will begin to spam your browser with notifications that promote affiliate links, various services/products, and questionable content or websites immediately....

PDFSearchio

Posted: August 28, 2020 | Category: Potentially Unwanted Programs (PUPs)
PDFSearchio is a browser add-on that offers to give you the opportunity to convert documents to PDF and vice versa, as well as to search for PDF templates online. However, the resources that PDFSearchio claims to provide have nothing to do with the add-on and, instead, it just refers users to public websites and services that store such resources. Instead of being helpful, PDFSearchio focuses on bringing more traffic to the websites it tries to promote – Feed.pdfsearchio.com (set as the default search engine) and Portal.pdfsearchio.com (set as the default new tab page.) The searches that...

AcceleratePCPro

Posted: August 28, 2020 | Category: Potentially Unwanted Programs (PUPs)
AcceleratePCPro is a rebranded version of a well-known Potentially Unwanted Program (PUP) that goes by a similar name – PC Accelerate Pro. These applications pose as highly effective and useful PC optimizations that can bring countless benefits if installed. Enhanced system health, more disk space, fewer Windows errors, and malware protection are just some of the great things that AcceleratePCPro may promise to potential users. However, users who opt to AcceleratePCPro may be disappointed to find out that the free version of the program does not offer anything helpful – instead, it works...

CoronaCrypt0r Ransomware

Posted: August 28, 2020 | Category: Ransomware
The CoronaCrypt0r Ransomware is a file-locking Trojan that's not a part of a defined family or Ransomware-as-a-Service. The CoronaCrypt0r Ransomware stops files from opening by encrypting them, adds extensions to their names, and displays a potentially screen-blocking ransom note that asks for Bitcoins. Users with backups can disregard the extortion attempt and remove the CoronaCrypt0r Ransomware through any competent anti-malware service, before recovering their media from the backup. Little of its code remains useful to the modern threat landscape, but the  WannaCryptor Ransomware...

TERRACOTTA

Posted: August 28, 2020 | Category: Botnets
TERRACOTTA Malware creators often try to promote their threatening programs by claiming to give users the ability to win great prizes or get some freebies. The same strategy is being employed by the operators of a new Android botnet called TERRACOTTA. The project specializes in ad-fraud – a common strategy that Android malware uses to generate currency fort its creators. Cybersecurity experts have been able to track TERRACOTTA's activity back to the winter of 2019, and they suspect that this is the period in which the botnet started to grow rapidly. As of June 2020, over 65,000 Android...

Net01.biz

Posted: August 27, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Net01.biz is one of several websites designed to promote a low-effort tactic that tries to access your Web browser's notifications. The tactic is also found on the websites net02.biz, net03.biz, net04.biz, net05.biz, and falling for it can be a very annoying thing to experience. These pages try to convince visitors that they have to press 'Allow' to confirm that they are not robots and continue browsing. However, pressing this button will result in granting Net01.biz permission to display browser notifications. Needless to say, a website that uses false instructions to get access to your...

SkilledOrigin

Posted: August 27, 2020 | Category: Potentially Unwanted Programs (PUPs)
SkilledOrigin is a Potentially Unwanted Program (PUP) that is only available for Mac computers. This software does not have an official download page or website and, instead, its creators rely on fake downloads, false promises, and software bundles to help it reach more users. In many cases, users may install SkilledOrigin by accident if they do not pay close attention to a software bundling they are installing. The good news is that this minor issue will not have any harmful consequences, since SkilledOrigin is not a harmful application. However, SkilledOrigin may have a negative impact...

LogarithmicRecord

Posted: August 27, 2020 | Category: Mac Malware
LogarithmicRecord is a questionable Mac utility whose installer you may encounter on random websites that claim to provide useful applications and add-ons. LogarithmicRecord, however, is not as helpful as some websites would like you to believe – the purpose of this application is not to help you. It is focused solely on redirecting your Web searches to 3rd-party sites, which contain advertisements that may generate revenue for LogarithmicRecord's creator. Upon installation, LogarithmicRecord will make itself difficult to remove by tampering with your Mac's 'Launch Daemon' and 'Device...

StreamBrosSearch

Posted: August 27, 2020 | Category: Potentially Unwanted Programs (PUPs)
StreamBrosSearch is an unnecessary browser add-on that promises amazing features, but its true purpose is to bring traffic to a website affiliated with the extension's developer. The traffic is brought to the page by ensuring that all users of StreamBrosSearch will have their new tab page replaced by Portal.streambrossearch.com, and search aggregator by Feed.streambrossearch.com. This is not n unsafe change, but you should know that this page is not as reliable as renowned search engines like Google, Bing or Yahoo. Furthermore, the searches that StreamBrosSearch provides are likely to...

NW24 Ransomware

Posted: August 27, 2020 | Category: Ransomware
The NW24 Ransomware is a file-locking Trojan that's from the Ransomware-as-a-Service, Dharma Ransomware. Windows users with infections may find files not opening, missing backups, unusual extensions on files' names, or ransom-themed messages with skull and crossbones logos. Dedicated anti-malware programs will remove the NW24 Ransomware or stop its installation appropriately, and a robust backup plan counteracts most data loss issues. With an easy-to-use, kit-based RaaS model, the  Dharma Ransomware  is one of the most distributed and varied file-locking Trojan families as of 2020....

Horse Ransomware

Posted: August 27, 2020 | Category: Ransomware
The Horse Ransomware is a file-locking Trojan that can keep media and other files from opening through encrypting their contents. As a member of the Phobos Ransomware family, it remains likely to utilize other attacks that are traditional for that group, such as deleting Windows backups. Storing secured backups can help recover files without a ransom, and standard anti-malware tools should delete the Horse Ransomware with little to no difficulty. With little more restraint than any wild mustang,  Phobos Ransomware 's family, and new variants like the Horse Ransomware, offer attacks...

PhysXPluginMfx

Posted: August 27, 2020 | Category: Malware | Threat Level: 6/10
High-profile cybercriminals often go after very specific targets by exploiting software and services they use regularly. This is the case with the threatening PhysXPluginMf, a plug-in for the popular 3D editing software called 3Ds Max. The corrupted add-on has been active all over the world, and its victims are often companies that are involved in some sort of 3D design – gaming, engineering, and the architecture sectors are the likely targets of the gang behind PhysXPluginMfx. The very carefully selected targets of the PhysXPluginMfx operation means that we are talking about a very...

SunCrypt Ransomware

Posted: August 27, 2020 | Category: Ransomware
The SunCrypt Ransomware is a file-locking Trojan with a business association with the Maze Ransomware campaign's threat actors. This element primarily manifests in sharing domain contacts and, potentially, techniques for infecting victims' computers. Despite the originality of its history, users can protect their files through the same means of backing work up to other storage devices and keep a reliable anti-malware product for removing the SunCrypt Ransomware. File-locking Trojans can cast long shadows, with their business models and attack methodology making ripples throughout the...
Home "Articles"