When you are a malware researcher, you are somehow obliged to look back and strike a balance. Malware is a hot topic and has drawn the attention of both media and audience. It doesn’t really matter what side you are on – you have definitely read news about vicious cyber attacks or know someone who has lost their data to ransomware. To put it in other words – malware has entered the realm of everyday life and tends to interfere with users’ activities more than ever.
Information is our mission
One way to improve your online security is by being informed on security-related and malware topics. There is indeed a lot to know and keep up with! Cyber threats have evolved to such an extent that both researchers and end users need to regroup with their squads and strike back. Knowledge is strength. Spreading the knowledge is a mission that we have accepted as our own.
Share knowledge, not malware
The idea to share SensorsTech’s ten most active threats in 2015 with you, our readers, came naturally. In the end, we are all PC users and, at some point, we have all dealt with annoying ad-supported programs, spyware and (or) malware. However, keep in mind that the types of threats which prevailed in 2015 may change in 2016.
Predictions matter
Many security researchers and AV software vendors make predictions for the future threat landscape, based on data gathered throughout the year. The truth is malware is mostly unpredictable, but infection patterns don’t really change. Malware actors often rely on user behavior predictability – that is why phishing techniques and spam emails (among others) are so effective.
Most Active Threats in 2015
According to statistics by Google Analytics, the threats we have listed below have affected the highest number of our users. Those are the top 10 most visited malware removal articles we have published throughout 2015.
In descending order
Threat Number 10: Positive Finds
Threat Type: Adware/ PUP
Highest Activity: March 2015
From our article Remove Positive Finds:
Experts classify Positive Finds as adware because the application tends to display third party ads (pop-ups, banners, deals, coupons, price comparisons, etc.) in almost every web page the user views. Although Positive Finds is not malicious per se, the promoted ads may pose a variety of security issues to the affected system if clicked on.
Threat Number 9: Max Adblock
Threat Type: Adware/ PUP
Highest Activity: July 2015
From our article Get Rid of Max Adblock:
A suspicious browser extension called Max Adblock has appeared in some browsers, users report. It is believed to be a PUP (potentially unwanted program). We have discovered some sources that claim that it may provide ads that redirect to suspicious sites. This software may appear on your browser as an after-effect of installing freeware downloaded from the Web.
Threat Number 8: utcservice.exe
Threat Type: Executable
Highest Activity: August, December 2015
From our article Is utcservice.exe Process Dangerous?:
Several users have reported that utcservice.exe is running in their task managers. The users’ concerns are rooted back to the fact that the process appears unknown and unrelated to any applications they have installed. utcservice.exe is described as an essential composition file of TouchUtility. However, it is quite possible that a type of malicious software has targeted and altered the executable file.
Threat Number 7: Encryption Key RSA-2048 by CryptoWall 3.0
Threat Type: Encryption Key, Ransomware
Highest Activity: November 2015
From our article Remove RSA-2048 Encryption Key from Cryptowall 3.0:
The RSA-2048 encryption key typical for Cryptowall 3.0 has been reported to strike users’ computers and display a ransomware message. Thus, the threat is also dubbed Ransomware RSA-2048 or may be referred as RSA-2048 virus. Once activated, the encryption key ‘locks’ the victim’s files and asks for payment so that a decryption key is provided.
Threat Number 6: This Content Requires Media Player 12.2 Update
Threat Type: Pop-up, Fake Update
Highest Activity: May 2015
From our article What Is “The Installation of Media Player 12.2 Update” Pop-up?:
The deceptive “The Installation of Media Player 12.2 Update” Pop-up message may try to download a number of PUPs (potentially unwanted programs) on the compromised computer as the user clicks on the Yes/No buttons. Experts classify “The Installation of Media Player 12.2 Update” Pop-up as adware and potentially unwanted program and recommend its immediate removal from the affected PC.
Threat Number 5: CryptoWall 2.0
Threat Type: Ransomware
Highest Activity: January, April 2015
From our article Remove CryptoWall 2.0:
Security experts have recently observed hackers exploiting vulnerable WordPress links in order to redirect computer users to servers that are hosting the RIG Exploit Kit. The latter abuses a large number of vulnerabilities in unpatched Flash, Java and many other applications in order to drop the new version of the CryptoWall ransomware.
Threat Number 4: CTB-Locker
Threat Type: Ransomware
Highest Activity: April 2015
From our article Remove CTB-Locker:
CTB-Locker, also known as Critoni Ransomware, is a Trojan that encrypts the files on the infected computer and blocks the user’s access to his data. Critoni Ransomware displays a ransom message demanding a high price for the decryption of the files. Experts warn that the threat is still actively infecting computers worldwide and recommend installing a trustworthy anti-malware tool no your machine and performing regular backups of your important files.
Threat Number 3: TeslaCrypt
Threat Type: Ransomware
Highest Activity: December 2015
From our article Remove TeslaCrypt, .vvv Extension:
A new variant of the nefarious TeslaCrypt ransomware is circling the Web. This time, the malicious threat is encrypting files in a .vvv file format. Once it affects your system, it will create thousands of files inside multiple folders, along with “how_recover+abc” files to which a ransom note is attached.
Threat Number 2: Small Humanoids Discovered in the U.S.
Threat Type: Survey Scam, Facebook Scam
Highest Activity: March 2015
From our article Small Humanoids Discovered in the US:
A message on Facebook that appears to be from a person in the user’s friend list, invites people to click on a link that is supposed to show a video of two little human-like creatures. Many users trust the link since it has been sent from a friend, and get trapped into a survey scam.
Threat Number 1: CryptoWall 3.0
Threat Type: Ransomware
Highest Activity: March, April 2015
From our article Remove CryptoWall 3.0:
The new CryptoWall 3.0 uses a localized ransom message and passes traffic to a website where the victims can pay for the decryption key needed to unlock their files through Tor and I2P anonymous networks. CryproWall is a file-encrypting type of threat, which once activated on the infected machine encrypts certain files on it and demands a fine ($500 ) in order to provide the victim with the decryption key. The ransom is to be paid in Bitcoin digital currency in the next 168 hours.
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me: