Gereddistryin.club

Posted: September 4, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Coming across the Gereddistryin.club pop-ups means that the website will try to hijack your browser notifications. Of course, it tries to do this in a subtle way – it tells you to click 'Allow' to continue browsing. What it tries to hide from you, however, is the fact that the 'Allow' button is meant to grant Gereddistryin.club the ability to display browser notifications. Users who are not being careful with the content they interact with online may end up subscribing to the Gereddistryin.club notification accidentally. The good news is that neither Gereddistryin.club nor its...

Onemessages.com

Posted: September 4, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Onemessages.com is a misleading page that pretends to host an interesting video that users only can play if they follow the instructions on their screens. However, the instructions that Onemessages.com displays are fake, and they serve an entirely different purpose – to subscribe you to Onemessages.com's push notifications. The consequences of this change are not unsafe, but you are unlikely to enjoy the change since it will expose you to dozens of intrusive notifications whenever you are using your browser. These notifications focus on promoting paid advertisements for shady products,...

BlackKnight2020 Ransomware

Posted: September 4, 2020 | Category: Ransomware
The BlackKnight2020 Ransomware is a screen-locker Trojan that blocks the Windows UI with a pop-up until the victim pays its ransom. Users can ignore the ransom demand and restart their computers through methods that circumvent the Trojan's startup feature. Most Windows-compatible anti-malware tools should remove the BlackKnight2020 Ransomware in most cases. As competition to the more prominent, file-locking variety, screen-locker Trojans hold some minor advantages to their credit. Threats like the BlackKnight2020 Ransomware, while very limited concerning their attacks, can make almost as...

Cyrat Ransomware

Posted: September 4, 2020 | Category: Ransomware
The Cyrat Ransomware is a file-locking Trojan that targets Windows systems currently. It can block media files with its encryption feature and hold them for ransom, along with attacks such as deleting backups and turning off default security features. Since its locking method is secure, users should have backups for recovering any media and let professional anti-malware products delete the Cyrat Ransomware. File-locking Trojans can come in multitudes of disguises, and few of them will lock themselves too closely to specific themes. As for the Cyrat Ransomware, a new, file-locker Trojan...

PyVil RAT

Posted: September 4, 2020 | Category: Remote Administration Tools | Threat Level: 4/10
The PyVil RAT is a Remote Access Trojan that can help attackers control Windows systems or collect their information through advanced features like keylogging. It's a known tool of EVILNUM, an espionage-focused threat actor whose name comes from one of its earliest backdoor Trojans. Workers in vulnerable organizations should be watchful for possible e-mail-based attacks and have anti-malware tools updated to remove the PyVil RAT accurately. Although the  EVILNUM  group has been under the cyber-security sector's eye for years, 2020 is proving an energized time for the threat actor....

Lightening-search.com

Posted: September 3, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Lightening-search.com is a basic search engine that does not receive a lot of attention. This is probably the reason why its administrators have decided to resort to using Potentially Unwanted Programs (PUPs) and browser hijackers to bring more users to their website – the aforementioned software types may often be installed stealthily, and they will command your Web browser to use Lightening-search.com as your search engine or default new tab page This change is intrusive but not harmful – it should not be considered as a major problem. However, it goes without saying that most users are...

Tiktok-fun.com

Posted: September 3, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Tiktok-fun.com is a misleading page that may show up in your Web browser while browsing shady websites. The page is not related to do with the social network Tik Tok, and it pretends to host links to popular Tik Tok posts – however, if you try to access any of them, you may be prompted to click a button that says 'Allow.' It is essential to mention that the 'Allow' button has nothing to do with media playback, and its real purpose is to subscribe you to Tiktok-fun.com's push notifications. Once Tiktok-fun.com gets permission to use notifications, it will begin to abuse the feature to...

Ubrowsesearch.net

Posted: September 3, 2020 | Category: Potentially Unwanted Programs (PUPs)
Ubrowsesearch.net is a simple search engine based on the original Google Search. While it provides relevant and credible results, it is essential to note that its results page may contain sponsored advertisements and results that are meant to generate revenue for Ubrowsesearch.net's administrators. Such monetization techniques are not an issue, but there is another problem that turns Ubrowsesearch.net into an interesting topic for anti-virus product vendors – the website appears to receive a lot of its traffic thanks to 3rd-party Potentially Unwanted Programs (PUPs) and browser hijackers...

Featuredlistings.ca

Posted: September 3, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Featuredlistings.ca is a dysfunctional search engine that you may end up seeing in your Web browser against your will. This is likely to happen if you have installed a Potentially Unwanted Program (PUP) or a browser hijacker that is designed to modify your browser's settings without your approval. This would not be such a major issue if it were not for the fact that Featuredlistings.ca's search engine does not work at all – trying to use the search engine leads users to a blank page. Needless to say, a dysfunctional website that is being promoted via shady 3rd-party applications is not...

Poiskteper.ru

Posted: September 3, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Poiskteper.ru is a search engine that may be promoted via Potentially Unwanted Programs (PUPs) and browser hijackers that pose as useful add-ons for your Web browser. If a user tries to engage with the page's search feature, they will be redirected to Yandex.ru, a popular search engine in Russia. Needless to say, you should not use its services if you are located outside of Russia, since the search aggregator will provide results suited for Russian users. While Poiskteper.ru is a legitimate website, its administrators clearly use some shady practices to generate more traffic. The PUPs and...

BG85 Ransomware

Posted: September 3, 2020 | Category: Ransomware
The BG85 Ransomware is a file-locker Trojan from the family of the AES-Matrix Ransomware. Besides blocking files on infected PCs, it may delete the user's unprotected backups. Attacks often use RDP or other manual-targeting strategies. All users should maintain robust Internet security protocols and have anti-malware services for removing the BG85 Ransomware before it causes significant data loss. In terms of raw numbers,  AES-Matrix Ransomware  isn't the biggest mover-and-shaker in the file-locking Trojan threat landscape. Like the recently-uncovered the BG85 Ransomware, its...

GOLD Ransomware

Posted: September 3, 2020 | Category: Ransomware
The GOLD Ransomware is a file-locking Trojan that can block users' documents, pictures and other media on their computers. As part of the Dharma Ransomware family, its encryption for locking files is secure from free solutions, in most cases. Users should recover through backups, if they're available, and have anti-malware products protect their PCs by deleting the GOLD Ransomware. Appropriately, considering its goals, a new version of the  Dharma Ransomware  family is naming itself after the metal that's so-often a stand-in for wealth. The GOLD Ransomware shows most of this...

XAgentOSX RAT

Posted: September 3, 2020 | Category: Mac Malware, Remote Administration Tools
The XAgentOSX RAT is a Remote Access Trojan that provides attackers with control over infected macOS systems and is the apparent cross-OS counterpart of Sednit. Through this tool, hackers can access information, including passwords, and issue commands for harmful system changes. Users should have anti-malware protection compatible with macOS for removing the XAgentOSX RAT as soon as possible. The wide-ranging  Sofacy  group of hackers is long-established as competent with multiple tools for spying on PCs, with many of its forays targeting Windows environments. The XAgentOSX RAT...

Sepulcher Malware

Posted: September 3, 2020 | Category: Malware | Threat Level: 6/10
The Sepulcher Malware is a RAT or Remote Access Trojan that provides a foothold on infected PCs to collect data and launch other attacks. Its usage strongly correlates with China-based attackers' activities, such as TA413 and e-mail-based infection strategies. Users should scan e-mail attachments with care for detecting threats and have anti-malware solutions remove the Sepulcher Malware as soon as it's identifiable. Some threats stay dead for longer than others, and in the Sepulcher Malware's case, that period is relatively short. After an initial operation against government entities...

Whicherinc.club

Posted: September 2, 2020 | Category: Browser Hijackers | Threat Level: 5/10
The page at Whicherinc.club specializes in running a basic online tactic whose end goal is to access your Web browser notifications. The con artists behind the website want this because it would enable them to deliver many paid advertisements to your browser by merely abusing your Web browser's notifications. This may allow them to generate a lot of revenue since you will end up seeing their advertisements regardless of the websites you visit. The scheme on Whicherinc.club is executed by displaying misleading instructions that ultimately ask you to click a button that says 'Allow.' The...

Videoaccess.xyz

Posted: September 2, 2020 | Category: Browser Hijackers | Threat Level: 5/10
The website at Videoaccess.xyz claims to host a robot check that users need to pass to access the page they were trying to view. This request may sound valid, especially since you can complete the check fairly simply – all that Videoaccess.xyz asks you to do is to click 'Allow' on a prompt shown on your screen. If you are not paying close attention to the text on your screen, you may click the 'Allow' button that will enable Videoaccess.xyz's notifications unknowingly. When this happens, Videoaccess.xyz gains the ability to deliver an unlimited number of notifications to your Web browser....

Nremainter.club

Posted: September 2, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Nremainter.club is a Web page whose content is likely to reach you thanks to online advertisements and pop-ups that may be hosted by less reputable websites. Nremainter.club's purpose is to trick you into thinking that you have to confirm that you are not a robot by performing a certain action, such as clicking a button that says 'Allow.' While this request may seem rather innocent, you should know that Nremainter.club's instructions are not meant to confirm your identity – by following them, you will end up subscribing to this website's push notifications. Being subscribed to the...

Joinsilverclubbb.com

Posted: September 2, 2020 | Category: Browser Hijackers | Threat Level: 5/10
О nline con artists often use adult content to lure their potential victims into getting involved with a scheme. This is the strategy that Joinsilverclubbb.com adopts – the website is home to a very basic con whose sole goal is to gain access to your Web browser's push notifications. If the page is granted the permissions it wants, it may proceed to use your browser's push notifications to bombard you with advertisements whenever you are on your computer. Joinsilverclubbb.com's tactic is executed in a very simple manner – visitors are told to click 'Allow' if they are over 18 years of...

Sferverification.com

Posted: September 2, 2020 | Category: Browser Hijackers | Threat Level: 5/10
Sferverification.com is a website that tries to mislead its visitors into permitting it to display notifications. The small-time con works by displaying a message saying 'If you are 18+ click Allow' – users might be enticed to click the button to see what Sferverification.com has in store for them, but the truth is that this website does not host any interesting content. Nothing obvious happens when the button is clicked, and users might not even be aware that they just allowed Sferverification.com to display notifications in their Web browser. This change's consequences are not a major...

StreamsMob

Posted: September 2, 2020 | Category: Potentially Unwanted Programs (PUPs)
StreamsMob is a browser extension whose installation may seem like a great choice since it promises to provide you with access to free online streams for various shows, TV series, movies, sports events, and other exciting content. However, the real purpose of StreamsMob is entirely different – it focuses on bringing traffic to the websites Feed.streamsmob.com and Portal.streamsmob.com by setting them as your Web browser's default search engine and new tab page. While this behavior is not harmful, it may hinder your Web browsing sessions' quality since you will be forced to use an unreliable...
Home "Articles"