Easy Gaming App

Posted: January 14, 2020 | Category: Potentially Unwanted Programs (PUPs)
The Easy Gaming App is the name of a dubious browser extension that users might install because it promises to allow them to access free, Web-based games that offer hours of entertainment. However, the installation of the Easy Gaming App add-on does no such thing – the game platforms that the Easy Gaming App advertises are public and easily accessible via a quick Web search. This means that there is no need to install 3rd-party software to access them. Quick access to games is not the only innovation that the Easy Gaming App add-on brings – it also will replace your Web browser's...

Shopper

Posted: January 13, 2020 | Category: Droppers | Threat Level: 8/10
Shopper is the name of a malware family that is compatible with Android devices and has been very active in the past few months. A large portion of the active instances of Shopper are installed on mobile devices in Russia, so this appears to be the region that the authors of the Shopper Trojan prioritize. However, cybersecurity researchers add that this Trojan family is also very active in India and Brazil. The Shopper Trojan is not spectacular in terms of functionality, and it appears that click-fraud is its primary goal – it is able to hijack the user's account to create fake reviews of...

LiquorBot

Posted: January 13, 2020 | Category: Botnets
Cybercriminals continue to be inspired by the success of the Mirai Botnet to this very day, and they continue to borrow ideas from this threatening project that was responsible for some of the largest Distributed-Denial-of-Service (DDoS) attacks in the history of the Internet. One of the newest and most active botnets that makes use of Mirai's features is the LiquorBot – a botnet designed to plant trojanized cryptocurrency miners on compromised devices. The core modules of the LiquorBot botnet are written in the Go programming language, so it is different from Mirai in terms of design –...

Ako Ransomware

Posted: January 13, 2020 | Category: Ransomware
The Ako Ransomware (also known as the MedusaReborn Ransomware) is a reworked version of the Medusa Ransomware that showed remarkable activity in the last months of 2019. This new threat is not compatible with free decryption tools, and the only reliable way to undo the damage it does is to restore the locked files from a recent backup. If you are a victim of the Ako Ransomware and you do not have a reserve copy of your important data, then recovering from this attack can be a very challenging task. The Ako Ransomware's attack starts by generating a unique victim ID for the infected...

Ulticurveylips.info

Posted: January 13, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Ulticurveylips.info is a website designed to hijack your Web browser's ability to display notifications, and then use it to bombard you with potentially fraudulent advertisements. The advertisements that Ulticurveylips.info serves may contain all sorts of content – gambling services, adult sites, dating services, blogs, online stores, etc. It is strongly recommended to avoid following suspicious advertisements whose source is not considered to be trustworthy, since you may end up visiting a fraudulent website associated with schemes. The homepage of Ulticurveylips.info does not contain...

Quimera Ransomware

Posted: January 10, 2020 | Category: Ransomware
The Quimera Ransomware is a file-locker that seems to be closely related to the Pashka Ransomware, whose attacks were reported earlier this week. Unlike its predecessor, the Quimera Ransomware will not apply any changes to the names of the files it locks, and users might find it difficult to distinguish between encrypted and non-encrypted files. The only way to confirm whether a file has been encrypted is to try to open it and see if it works. The purpose of the Quimera Ransomware is to encrypt as many files as possible, and this is why it is programmed to target a long list of file formats...

BitPyLock Ransomware

Posted: January 10, 2020 | Category: Ransomware
The BitPyLock Ransomware is a file-locker that may specialize in targeting company networks, therefore ensuring that it will encrypt the contents of valuable files that the companies will want to restore at any cost. The BitPyLock Ransomware is not unique in terms of functionality, and it behaves just like other popular file-lockers – it encrypts the contents of popular file formats, modifies the names of the locked files, and ends the attack by creating a ransom note for the victim to find. All files that the BitPyLock Ransomware locks will have the '.bitpy' extension added to their...

Olaldo.com

Posted: January 10, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Olaldo.com is a page whose content is meant to trick users into allowing the website to display notifications in their Web browser. The issue with allowing pages like this one to make use of your Web browser's notifications menu is the fact that Olaldo.com may use these permissions to flood you with advertisements for various adult dating sites, gambling services, blogs, affiliated services/products, etc. Needless to say, a significant part of this content will not be relevant to your interests, and it might continue showing up every few minutes. To get the permissions it needs,...

Mcls.xyz

Posted: January 10, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Mcls.xyz is a website whose homepage displays a basic search engine that redirects its users to a legitimate and popular Russian Web search service. However, upon further analysis of URLs linked to Mcls.xyz, cybersecurity experts uncovered a series of pages that appear to display fake 'Adobe Flash Update' prompts whose purpose may be to trick users into downloading a Potentially Unwanted Program (PUP) or other dubious utilities. Fake Adobe Flash Player updates are one of the most popular types of content that cybercriminals and online con artists use to disguise potentially harmful downloads, and...

Dustman

Posted: January 9, 2020 | Category: Malware | Threat Level: 6/10
The final days of 2019 were marked by the discovery of a new piece of data-wiping malware that goes by the name Dustman. What is even more gripping is that this threat appears to originate from Iran, a country whose cybercriminals are linked to several other data wiping malware strains like Shamoon and ZeroCleare. The new threat, dubbed Dustman, was used in only one attack campaign that targeted Bapco, a large oil company with headquarters in Bahrain. Although Dustman comes from Iran, there is no reason to believe that the cyberattack is linked to the tense relationship between Iran and...

DarkCrypt Ransomware

Posted: January 9, 2020 | Category: Ransomware
The DarkCrypt Ransomware is a file-encryption Trojan whose purpose is to cause damage to the victim's data and then extort them for money by offering to provide them with a data recovery solution. The threat appears to mimic the behavior of the infamous WannaCry Ransomware infection, but the good news is that the two are not related in any way – the DarkCrypt Ransomware is far less threatening. The DarkCrypt Ransomware may be spread via fake downloads, torrent trackers, pirated media/software, or even fake email attachments. If the users end up launching the harmful...

Somik1 Ransomware

Posted: January 9, 2020 | Category: Ransomware
The Somik1 Ransomware is a low-quality file-locker that shares the same file-encryption algorithm as the infamous HiddenTear project – an open-source ransomware application whose author developed it for educational purposes. Unfortunately, it did not take long for cybercriminals to hijack HiddenTear's code and use it to craft easy-to-create file-lockers that could be used to extort their victims for money. Victims of the Somik1 Ransomware may be able to rely on a free decryption tool to help them recover from the Somik1 Ransomware's attack – the free HiddenTear decryptor should be able to...

Piolo.xyz

Posted: January 9, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Piolo.xyz is a page that hosts a bogus search engine that users may end up using without wanting to do so. This unexpected change may be caused by the installation of a Potentially Unwanted Program (PUP), which demands permission to replace the Web browser's default search engine or new tab page. By doing so, the PUP will ensure that Piolo.xyz will receive a good amount of traffic since it will end up being visited whenever the user attempts to initialize an online search via their Web browser's address bar. Needless to say, PUPs that exhibit such behavior should be uninstalled immediately,...

Myceterparagr.info

Posted: January 9, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Myceterparagr.info is a page designed to trick users into providing it with permissions that shady websites like this one do not need. It may display a fake prompt that asks the user to click the 'Allow' button on a Web browser panel that prompts the target to provide Myceterparagr.info with the ability to display notifications. The users may be told that they must complete this action to: pass a CAPTCHA check and confirm that they are not a robot; enter a special prize raffle; view embedded media content. Needless to say, you should not click the 'Allow' button regardless...

SNAKE Ransomware

Posted: January 8, 2020 | Category: Ransomware
Corporate networks are being targeted by a new piece of ransomware that goes by the name SNAKE Ransomware. This threat is unlike some of the more popular ransomware families because it does not focus on encrypting separate workstations – instead, it goes after the entire network, therefore maximizing the damage its attacks inflict. Another interesting fact about the SNAKE Ransomware is that it is written in the Golang programming language, a rather unorthodox programming language when it comes to malware development. Last but not least, the SNAKE Ransomware's code is obfuscated heavily to...

Pashka Ransomware

Posted: January 8, 2020 | Category: Ransomware
The Pashka Ransomware is a file-locker, which has the ability to encrypt a wide variety of file types to make their contents impossible to access. This threat is being used as an extortion tool by cybercriminals who offer to provide their victims with a decryption tool in exchange for a ransom payment. We advise you not to co-operate with the crooks behind the Pashka Ransomware because they are unlikely to provide you with a decryption tool even if you end up paying the money they ask for. The Pashka Ransomware's attack will leave all locked files with a changed name by adding the...

Prizedeal0919.info

Posted: January 8, 2020 | Category: Browser Hijackers | Threat Level: 5/10
One of the most common and harmless online scams today aims to trick users into providing a shady website with the ability to display notifications in their Web browser. Thankfully, users who make this mistake are unlikely to suffer severe consequences, since these websites specialize in aggressive marketing campaigns. This means that they will use their ability to display notifications to bombard the user's Web browser with ads for various products, services, and websites. One of the pages that attempt to trick users into giving it the ability to display permissions is...

Betanews.me

Posted: January 8, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Betanews.me is a bogus page whose sole purpose is to trick its visitors into allowing it to display notifications in their Web browser. The notification options that modern Web browsers support are often used by news outlets to provide their readers with the latest news and updates, but you can rest assured that the plans of Betanews.me are different. This website may use these notifications for advertising various products and services, untrustworthy websites, or websites that need to receive more traffic. Overall, the content that Betanews.me provides should not be trusted, and we advise...

Dever Ransomware

Posted: January 7, 2020 | Category: Ransomware
A new file-locker is being spread online with the help of fraudulent email messages that claim to come from government institutions or reputable companies. The goal of the fake emails is to convince the victim to download a corrupted file attachment whose purpose is to initialize the Dever Ransomware attack. This threat is able to encrypt a wide variety of file formats, therefore ensuring that its victims cannot access their important documents, databases, archives, images, videos and other files. Unfortunately, threats like the Dever Ransomware have become very common in the past few...

SlankCryptor Ransomware

Posted: January 7, 2020 | Category: Ransomware
The SlankCryptor Ransomware is a file-locker that seems to still be in development. One of the peculiar traits of this threat is that it uses images of Slank, a popular Indonesian rock band. Of course, the band is not related to this threat's development and, instead, it is likely to have been made by someone who dislikes the band and wants to ruin their reputation. Although the SlankCryptor Ransomware does not appear to be a well-programmed cyber threat, it still possesses the ability to encrypt a variety of file formats, making its contents inaccessible. After the SlankCryptor...