Get the 411 on Spyware
Monthly Archives November 2019
Purple Fox
Purple Fox is a vicious Trojan that can avoid detection and infect attacked computers with cryptocurrency miners and other malicious programs. No doubt, no one would like to receive such a threat, which is why we recommend reading our full report so you could learn how to protect your computer from it. Researchers believe that the malware could infect machines of both regular home users and various organizations. Since detecting the malware might be a tough task, you can imagine that erasing it could be even more challenging. This is why this time, we are not adding manual deletion instructions at the end of this article. ...
Pagefinder
Judging by the name, Pagefinder is meant to find web pages for you. Does that mean that it works as a web browser? No, it does not. It is just a search engine, and a not a beneficial or reliable one at that. At the core, this is why we recommend removing it from your web browser. At the time of this research, this PUP (potentially unwanted program) was compatible with Google Chrome only, and that is unlikely to change in the future. In fact, the installer of this PUP could no longer be found on the Chrome web store (https://chrome.google.com/webstore/detail/pagefinder/dfpeedheaalbnbmclibgcgeehgdlmjnl) at the time of research. ...
Deal Ransomware
Deal Ransomware is a malicious file-encrypting threat based on a similar harmful application called Phobos Ransomware. Both of them belong to the Crysis/Dharma Ransomware family, although they differ from other threats from this family with their colorful ransom notes. These notes should appear as soon as the malware finishes encrypting targeted files that ought to be marked with a unique second extension. If you want to know more about the way this new malicious application works, we encourage you to read the rest of this article. ...
Grod Ransomware
If you are introduced to a pop-up notification stating that Windows is “Installing important updates,” it is possible that Grod Ransomware has slithered into your operating system. This pop-up is just a distraction, and the threat is encrypting your personal files. Unfortunately, you cannot open the Task Manager and check what processes are running because the threat can disable this utility. If you cannot stop processes and remove malicious files, you cannot stop the encryption of your personal files. Of course, at this point, you might not know what is happening at all. ...
Nvram Ransomware
Do you know what happens when you lose control over Windows security? Nvram Ransomware happens. This ransomware infection exploits RDP vulnerabilities and backdoors created by spam email and bundled downloaders to enter operating systems, and if they are unguarded, the malware slithers in seemingly without notice. It does not have an interface, and there are no windows or pop-ups that show up during the attack. The one thing that might signal the existence of this malware is the disabled Task Manager, but if you do not try to open the utility specifically, you will never know this. ...
RSA Ransomware
RSA Ransomware is a threat you most likely want to avoid if you keep irreplaceable files on your computer and do not want to lose them. What this threat does is encrypt targeted data with a robust encryption algorithm. Next, it ought to show a ransom note, which should say you have to pay a ransom if you want your data to be decrypted. What should be clear is that no one can guarantee that the malware’s developers will hold on to their promise and that your money will not be lost in vain. Thus, we advise thinking carefully whether you wish to risk being scammed. ...
Boostwrite: A Malware Dropper That Can Avoid Detection
In this article, we talk about a new malicious application called BOOSTWRITE that can avoid detection and drop malware on a targeted system. Researchers say that there are already quite a few versions of it, and it looks like the threat is still being updated. Also, the latest infection’s sample revealed that it might have been created by the infamous hackers who are known as FIN7. They have been known to cybersecurity specialists for a few years now as they keep coming back with more vicious threats that cause lots of damage to targeted victims. As you can imagine, such complex applications are usually used to attack systems of businesses and other organizations. ...
AnteFrigus Ransomware
AnteFrigus Ransomware can be recognized from its ransom note as the document has “ANTEFRIGUS” written in dollar symbols. The document should also contain a description of what has happened to the files located on a device infected with this malicious application and what hackers demand their victims to do to restore affected data back to normal. We invite you to read the rest of our article if you want to learn more about the malware’s working manner and its creators' offer. For users who have encountered this threat, we can offer our deletion instructions located at the end of this text. ...
Mespinoza Ransomware
What was your first thought when you discovered Mespinoza Ransomware on your operating system? You might have thought that you need to remove this malicious threat immediately. You might have thought that you need to turn off your computer. You might have also thought about fulfilling the demands introduced to you by the cybercriminals who created this malware. Actually, the first thing you should do when you discover any kind of malware is to take a deep breath and relax. It might be too late for you to do anything to reverse the situation anyway, and so there is no point to rush into anything. ...
JesusCrypt Ransomware
When JesusCrypt Ransomware encrypts files, the “.jc” extension gets appended, and this extension is the marker that you can use to quickly determine which files were encrypted and which ones were spared. When we first came across this malicious threat, it was not fully developed yet, and so it is no surprise that no one has created a decryptor to match it. Unfortunately, we cannot guarantee that a decryptor will be created because, as you might know already, most file-encrypting infections remain undecryptable. ...
