Watch out for Horsedeal Ransomware because if you are not careful, this malware could silently creep in and destroy your documents, pictures, and other personal files. This malware encrypts files by changing the data within them, and that ensures that you cannot read any of them. Is this a mistake? Did the malicious infection corrupt your files by accident? It is not a mistake, and your files were not corrupted by accident. It’s all part of a vicious plan to make you connect with cybercriminals and, most likely, pay money to get the files decrypted. ...
Every time you download a new file or open a strange spam email, you need to think of Somik1 Ransomware. There are thousands of infections just like it too, so you need to think about them as well, but in this report, we are talking about Somik1. The name of this malware comes from the executable file named “somik1.exe.” This could be the name of the launcher in your case, but the name could also be entirely different and random too. Another file that we need to mention is “xxx_media_player.exe.” The threat is coded to avoid this file during the encryption, and so it is possible that a fake media player could be used to distribute the threat. ...
If you still have time to protect your Windows operating system against Snake Ransomware, you need to take all security measures to ensure that it does not attack. That means that you need to be extra careful about the files you download from unreliable websites or are sent via spam email and social networking platforms. It also means that you need to revise your virtual security. Is your operating system up-to-date? Are there any pending updates to be installed? Do you need to disable remote access systems? Whatever you can think of, you need to take care of it because even the smallest security backdoor could help cybercriminals attack. ...
When Devil Ransomware attacks, it does that silently, and so victims of this dangerous malware are unlikely to figure out when exactly their files were encrypted. However, after encryption, all of the affected files should have the “.id[{unique ID}].[decrypt4data@protonmail.com].devil” extension appended to the original names. A file with this extension cannot be read normally, and decrypting it, at the time of our research, was not possible either. We cannot claim that the attackers standing behind this malware are not capable of decrypting data because they might have a decryptor, but we are willing to bet that victims of this malware would not receive this decryptor regardless of what they did or didn’t do. ...
If you live in Portugal and pay taxes to the Portuguese Tax and Customs Authority (Autoridade Tributaria e Aduaneira), Lampion is a threat that you need to be very cautious about. This threat was first spotted in October 2019, but it is likely to continue terrorizing Windows users in the future as well. Just like most threats nowadays, this Trojan exploits the backdoors opened via spam emails. Unfortunately, many people are still unaware that opening spam emails is a dangerous game. Spammers can use convincing email addresses and subject lines, and the messages themselves can be copied from real emails sent by the Portuguese Tax and Customs Authority to make them look completely legitimate. ...
You do not want PhobosImposter Ransomware invading your Windows operating system and encrypting your personal files because once this malware wraps its claws around your files, it does not let go. The message created by the infection might make you think that you can pay a ransom and get all photos and documents decrypted, but if we know one thing, that is that cybercriminals cannot be trusted. The bottom line is that the infection was created to make money, and cybercriminals behind it are interested in nothing else but money. ...
Our specialists came across a new ransomware application called Prometey Ransomware. Research revealed that the malware might no longer be active, as the sample they encountered did not work. However, the malicious application might have infected computers while it was still being spread, and if you are one of the threat’s victims, we invite you to read our full report and learn the most important details. Also, if the malware is on your system, you might be looking for a way to eliminate it. In such a case, we could offer our deletion instructions placed below, although we have to stress that they may not be accurate. ...
If you receive a suspicious email or message instructing you to open an attached file, Dudell malware needs to be on your mind. Individual Windows users are unlikely to be affected by this threat, but those working in government organizations across Asia need to be very careful about it. The actor behind this malware – which is the Rancor cyber-espionage group – has been performing attacks on governments in Asia since 2017, and it was active throughout 2019. Therefore, we expect to see more attacks coming from them this year. The strength of this malware is in its simplicity. ...
Did C0hen Locker Ransomware slither in and corrupt your personal files? If it did, there is a good chance that you opened a spam email attachment that led to the execution of malware or that you left your operating system weak due to unpatched vulnerabilities. It goes without saying that unguarded systems are the ones that are affected by malware. Of course, more powerful and sophisticated threats can circumvent security safeguards – especially if they are weak to begin with – and so it is never enough just to install security software. ...
Beware of BDDY Ransomware, a dangerous file-encrypting threat that wants to corrupt your childhood photos, work/school documents, media files, and other types of data that you are likely to consider personal. The infection is not at all interested in system files or applications because those can be replaced quite easily, and that is not what the attackers behind this malware want. They want to tie your hands behind your back, and that is what they are able to do by encrypting personal files. If copies of these files are stored outside the infected machine, victims do not have much to worry about besides the removal of the threat. ...