Strangely enough, a ransomware virus variant that has Anubis for it’s theme has appeared, leaving encoded files in .coded file extension after it encrypts them. The virus then changes the wallpaper of the affected computer with a distinctive one showing…
Created by MacPaw Inc. this neat program is aims to optimize a computer by cleaning up junk files and granting easier access to manual clean up of objects that are causing a computer to run slow. The program also has…
SafeSearch1.ru is a bogus search engine and the primary domain of a browser hijacker. This hijacker has a logo imitating the one of Google to an extent, looking at its letters and their color pattern. The hijacker will redirect you…
InspiringBackgrounds.com is a browser hijacker that is made by Mindspark Interactive. A related browser extension is hosted on this site. If you have the extension or more unwanted applications on your computer, know that they will switch your homepage, search…
The Acecard Android Trojan has been around for quite some time. We wrote about Acecard in February this year, but in fact the malware has been attacking devices since 2014, when it was first detected. Back in February, the Trojan…
There’s a new Linux Trojan, dubbed Linux/NyaDrop, and it’s already reverse engineered by MalwareMustDie. This is in fact the same researcher that discovered Mirai. The Mirai IoT botnet was used in multiple attacks and had a global infection rate. The…
Android may also be prone to backdoor access – through a debugging feature in the OS bootloader. However, only devices that have firmware developed by Foxconn appear to be inclined to this vulnerability. The OS bootloader can act as a…
What Is !XTPLOCK5.0 Cryptinfo.txt Ransomware? Cyber-criminals behind the e-mail crypt302@gmx.com have begun to demand 2 BTC from users via a ransomware virus that is dubbed “!XTPLOCK5.0” based on its ransom note string. Malware researchers, like Michael Gillepsie believe that this…
Google Go is the name of a ransomware cryptovirus. The virus is dubbed that way because it is built on Google’s program language “Go” and it is the first ever ransomware to do so. The Go language is free, open…
A Chinese version of Locky ransomware has been detected by malware researchers to drop a _HOWDO_text.html file after it encrypts files with the AES-128 and RSA-2048 ciphers and generates a unique decryption key. The Locky ransomware variants have been spreading…
PropellerAds.com is a website for a monetization platform. Although, the site can spread advertisements and you can be redirected to more, similar advertising networks. That is why it is regarded as adware. The owners of that ad network make some…
2016 has seen the highest rates of malware in terms of online shops running on platforms such as Magento and OpenCart. To conclude that, researcher Willem de Groot from Byte.nl has been analyzing online stores infected with malware since November…
GeoByPass.net is a domain for a program promoting a proxy service. The program offers to hide your original geographical location settings so you can work around any country restriction for services such as Netflix. Moreover, the program can change your…
New version of Philadelphia ransomware, which was part of the Stampado variants has been released, again using the same .locked file extension. The difference in this version is that it demands .3 BTC from affected victims and features a new…
A new case study by blockchain analytics startup Skry and infosec firm Terbium Labs has analyzed millions of URLs in order to outline the most popular sites for illegal Bitcoin trade. The researchers were also able to identify the most…
Portalne.ws is a page that can hijack your browsers and redirect you at the same time. Settings that this hijacker modifies are your browsers’ homepage, search engine, and new tab window. When you make a search query, it will get…
Critical vulnerabilities are often leveraged in attack scenarios, varying from denial-of-service to malware infiltration cases. A serious vulnerability was recently patched, the kind that would allow attackers to carry out denial-of-service attacks via the Berkeley Internet Name Domain (BIND) exploits.…
“Try to kill or delete me and I will kill your PC” – this is the message the victims of the EXOTIC virus see once their computer has been infected by it. The vulgar cyber-threat goes as far as creating…
Gotoinstall.ru is a page redirect and also has browser hijacking capabilities. The hijacker can change browser settings as the homepage, search engine, and new tab window. After you make a search inquiry, the redirect will filter your search and any…
A new form of crime has been rapidly increasing. Botnets, banking malware, legitimate malware (adware) and other bunches of malicious code that aim only for one – profit. The most profitable of those however remains to be the new form…
