BDDY Ransomware

Posted: January 7, 2020 | Category: Ransomware
The most effective way to protect yourself from ransomware attacks requires the use of two services – an anti-malware product with real-time protection and a reliable data backup service that can help you recover your files if you become a victim of a ransomware attack. Users who do not take the required steps to protect their systems are prone to becoming the next victims of the BDDY Ransomware or similar threats. The BDDY Ransomware, in particular, is a file-encryption Trojan that is based on the Matrix Ransomware project. Unfortunately, the fact that it is based on an old ransomware...

Clk2win.com

Posted: January 7, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Clk2win.com is a fraudulent page that abuses fake alerts and warnings to trick its visitors into granting the page permission to display notifications in their Web browser. These fake warnings and alerts may often appear when the users attempt to view embedded media on a shady page – the Clk2win.com page may then state that they must click the 'Allow' button to continue. While granting these permissions to Clk2win.com is not a major issue, it may have a disadvantageous impact on your Web browsing experience since this website will bombard your browser with advertisements via the...

Cuba Ransomware

Posted: January 6, 2020 | Category: Ransomware
File-lockers are a type of cyber threat that is programmed to carry out a devastating file-encryption attack whose purpose is to prevent its victims from working with their important files. The authors of ransomware often program it to encrypt a long list of file types – documents, spreadsheets, presentations, images, archives, databases, and videos are just some of the file formats that these threats are able to encrypt, to make sure that the ransomware's offense will be as damaging as possible. One of the new file-lockers to be identified in 2020 is the Cuba Ransomware – it shares some...

Devil Ransomware

Posted: January 6, 2020 | Category: Ransomware
The Dharma Ransomware continues to be one of the most active ransomware families. The latest addition to it is the Devil Ransomware, a threat whose attack may have terrible consequences for your files. This malicious program may be spread via pirated media and software, fake downloads and updates, or malicious email attachments. We advise you to avoid downloading files from non-trustworthy sources, as well as to make sure that your PC is protected by an up-to-date antivirus software suite. Failure to stop the Devil Ransomware's attack may end poorly for your files since this threat...

'FINAL WARNING' Email Scam

Posted: January 6, 2020 | Category: Adware | Threat Level: 2/10
The 'FINAL WARNING' email scam is associated with a fake extortion email that users worldwide appear to be receiving from random email addresses. The purpose of this email seems to be to trick the victim into thinking that a hacker has obtained pornographic materials from them, and they threaten to send them to their family, friends, and co-workers. Extortion emails that rely on illegally obtained pornographic materials are often described as 'sextortion' and, unfortunately, they have become quite popular among online con artists. The 'FINAL WARNING' email scam, in particular, has a very...

Clickthatpush.com

Posted: January 6, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Clickthatpush.com is a bogus page that is being used to promote questionable content that may be related to online scams. One of the pop-ups that Clickthatpush.com's visitors may encounter frequently is associated with an offer to renew the user's anti-malware service subscription – however, the link that says 'Renew Subscription' may lead visitors to a bogus page whose goal is to promote a fake security product or to display a fake payment form that may be used to gather sensitive data. Users may encounter the Clickthatpush.com website when they browse shady Web destinations that work...

Coolsearch.xyz

Posted: January 6, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Coolsearch.xyz is a website associated with marketing content that may show up in your Web browser out of the blue. This is because Coolsearch.xyz is being promoted via shady advertising networks that you may come across while browsing low-quality websites such as the ones linked to the distribution of adult videos, pirated software, illegal online streams, etc. Seeing the Coolsearch.xyz URL in your Web browser is not a symptom of a malware infection, so you should not worry about your computer's security. However, you should not forget that the pages that Coolsearch.xyz hosts may promote...

Shitcoin Wallet

Posted: January 3, 2020 | Category: Misleading Programs | Threat Level: 10/10
Cybercriminals often attempt to disguise their threatening applications as legitimate programs. Such is the case with the Shitcoin Wallet, a piece of software that can work either as a standalone application or an extension for the Google Chrome Web browser. The purpose of the Shitcoin Wallet is to help users manage their Ethereum (ETH) funds, as well as any ERC20 tokens they may have access to. All of its features appear to be legitimate, and the application has gathered nearly 1,000 installs from the Google Chrome Store. However, cybersecurity researchers state that Shitcoin Wallet may be...

Zeoticus Ransomware

Posted: January 3, 2020 | Category: Ransomware
File-encryption Trojans are still the number one threat to the safety of your files. These threats are able to corrupt the contents of countless file types, and recovering from their attack may often be an impossible task. One of the most recent ransomware families to be identified by anti-virus vendors is the so-called 'Zeoticus Ransomware.' This file-locker appears to be a fully finished project, and it has the ability to encrypt a wide variety of file formats. Naturally, its primary targets are files that may contain important data – documents, images, videos, archives, databases,...

Balanceformoon.com

Posted: January 3, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Balanceformoon.com is a dodgy website that pretends to host adult content, but, in reality, its sole purpose is to display decoy media that the user might want to see. However, users who wish to access the media or image found on Balanceformoon.com may be asked to allow this website to display notifications in their Web browser. This prompt might not seem like a big deal to many people, but we assure you that granting these permissions to Balanceformoon.com may end up being a rather annoying issue to deal with. This is because Balanceformoon.com will use its ability to display Web browser...

Diavonformaticcop.info

Posted: January 3, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Online tactics work in many ways, and users may often become victims of a tactic even if they think that they are doing something that is perfectly safe. One of the more harmless online tactics is being used to generate traffic to particular websites, and it is executed with the help of fraudulent pages that use deceptive messages to trick users into allowing them to display browser notifications. One of the bogus pages that are a part of a tactic of this type is found at Diavonformaticcop.info – a website that does not appear to host any content at first. However, it has several pages that...

FocusProvide

Posted: January 3, 2020 | Category: Adware | Threat Level: 2/10
FocusProvide is a Potentially Unwanted Program (PUP) that only works on devices running Apple's OSX. The good news is that this program is not harmful. However, it also is not helpful at all – in fact, users who install FocusProvide may not notice any improvements in terms of their ability to search and navigate the Web, even though these are supposed to be FocusProvide's main features. In reality, the purpose of FocusProvide is to promote several websites by setting them as the Web browser's default new tab page or search engine, as well as by causing redirects to these websites on a...

Momentum Botnet

Posted: January 2, 2020 | Category: Botnets
The Momentum Botnet is a new malware project that seems to target Linux devices exclusively. Cybersecurity experts that track the Momentum Botnet's activity and development report that the threatening software is compatible with a broad range of CPU architectures that run Linux – ARM, Intel, MIPS and others. This means that the Momentum Botnet may be able to work on routers, Internet-of-Things devices, smartphones and other devices. Once the operators of the Momentum Botnet manage to infiltrate a device, they deploy a different backdoor depending on the compromised device's architecture –...

Erica2020 Ransomware

Posted: January 2, 2020 | Category: Ransomware
The Erica2020 Ransomware is another threatening file-locker that does not possess any extraordinary abilities, but it is more than capable of causing potentially permanent damage to your files. This file-locker operates by encrypting the contents of valuable files – documents, images, archives, videos, spreadsheets and others. Whenever the Erica2020 Ransomware corrupts a file, it will mark its name by generating a random string of four characters and appending it as a new extension – for example, the file 'document.xlsx' may be renamed to 'document.xlsx.oasd'. After completing its attack,...

MZP Ransomware

Posted: January 2, 2020 | Category: Ransomware
Cybercriminals continue to rely on file-encryption Trojans as the main weapon of choice in their arsenal. These threats are able to cause long-term damage to the systems they infect, and their victims may often be unable to fully recover from the attack. This is because the threat is able to encrypt the contents of important files and prevent the victim from accessing their contents. The files that the MZP Ransomware targets include a long list of file formats – documents, spreadsheets, videos, images, archives, databases and many others. Just like other threats, the MZP Ransomware...

Voresko.club

Posted: January 2, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Voresko.club is a bogus page that aims to display fake warnings and alerts to users with an iPhone or another Apple product. Online con artists often set up such websites since they allow them to promote fake software and services by displaying scary warnings that may trick users into thinking that there is something wrong with their devices. It is important to remember that random Internet websites are not a trustworthy source of information about your computer or phone's health, and you should never trust the data they provide. In the case of Voresko.club, users might be exposed to a...

Lampion

Posted: December 31, 2019 | Category: Trojans | Threat Level: 8/10
Portuguese users need to be wary of a new cyber-threat that is being spread via phishing emails. The threat, dubbed Lampion, works as a Banking Trojan that is able to send users to phishing pages when they attempt to visit a legitimate online banking service. The threat achieves this by spying on the victim's Web browsing sessions and manipulating their connection when they attempt to connect to selected URLs. So far, the Lampion Trojan has been used against Portuguese users exclusively, but it would not come as a shock if the masterminds behind this campaign opt to expand it in the future....

C0hen Locker Ransomware

Posted: December 31, 2019 | Category: Ransomware
Ransomware operators often use various means of communication to get in touch with their victims – Telegram, online chat rooms, email, Jabber, Tor-based services, etc. However, the cybercriminals behind the C0hen Locker Ransomware have opted to go for a different and rather unique approach – they ask to be contacted via Discord, a popular VoIP gaming application. Of course, the authors of this ransomware are not willing to provide any of their services for free, and they expect to receive a hefty ransom fee from their victims. The C0hen Locker Ransomware is not considered to be...

Charmant Ransomware

Posted: December 31, 2019 | Category: Ransomware
Seeing the '.charmant' extension attached to the names of your files is a sure sign that your system has been infiltrated by the Charmant Ransomware, a threatening file-encryption Trojan that may cause a lot of damage to the file systems of its victims. Just like other file-lockers, this one also focuses on encrypting valuable files – text files, documents, spreadsheets, databases, archives, images, and other formats that may be used to store necessary information. After the attack is complete, the threat will create the ransom note '#RECOVERY#.txt' whose intent is to clarify the situation...

Redl Ransomware

Posted: December 31, 2019 | Category: Ransomware
It seems that there are no holidays for the authors of the STOP Ransomware – they keep releasing new variants of their threatening file-locker even during the Christmas holidays. The most recent variant of the STOP Ransomware to be identified goes by the name 'Redl Ransomware.' It uses the same old file-encryption technique, and, unfortunately, this means its victims can’t get their files back without receiving assistance from the perpetrators. To make matters even worse, the authors of the Redl Ransomware do not offer any help for free – they sell their decryption services for Bitcoin....