TONEDEAF
TONEDEAF is a malicious backdoor application targeted at oil/gas, government, and energy/utilities industries. It seems the malware was created in Iran as the country has a critical need for strategic intelligence due to geopolitical tensions in the Middle East. Thus, it is another malicious application that is unlikely to be received by regular home users. In this report, we discuss its capabilities, possible distribution channels, and its deletion. If you are interested in learning how a threat like TONEDEAF could be eliminated manually, you should have a look at the deletion instructions placed at the end of this article. ...
MCrypt2019 Ransomware
When the dangerous MCrypt2019 Ransomware invades your operating system, you might think that a technical issue has occurred or that Windows is malfunctioning. That is because when this infection slithers into the operating system, it encrypts almost everything in its way. According to our research team, the tested sample made Explorer crash, and that might make it extremely difficult to operate the system in general. If you cannot even navigate through your operating system, you might not discover the ransom note either, and the attackers might miss the opportunity to trick you into giving them your money. ...
Predator the Thief
There are malware infections that are quite obvious and infections that take time to notice. Predator the Thief is a Trojan infection that can stay hidden in the system for quite a while. You might not even know that this program is there on your system unless you perform a full PC scan. ...
Infected Ransomware
It could take one email or one download for the malicious Infected Ransomware to slither into your operating system. The attackers behind this malware can conceal its launcher as a harmless file, and you could be tricked into executing it yourself. Do you know which file is responsible for all of this mess? If you do, there is a good chance that you will be able to remove Infected Ransomware manually, but, of course, there is more than one way to eliminate it from the operating system, and we discuss your options in this report. ...
Search Genie
You might have initially downloaded the Search Genie extension to help you browse the web, but you might have already realized that this extension is not only useless but also pretty suspicious. Does it help you browse the web? It certainly does. Are the results shown by it reliable? That is questionable. If you have already figured this out, you might be on track to removing the potentially unwanted program (PUP), and the guide you can find below will help you take care of that. However, we still recommend reading this report to fully understand the extension and the security problems it might bring upon you. ...
Topinambour
A new malicious infection created by the Turla group called Topinambour is out in the wild. It is not a stand-alone infection. On the contrary, the attackers are using it to get in the door, so to speak. That means that once this infection is in and established, it can invite many others. Needless to say, this infection is incredibly dangerous because it could be used to execute other malware-droppers, Trojans, keyloggers, and many other kinds of infections. At the moment, this dangerous threat is not attacking isolated Windows users. Instead, it appears to have been created to attack governments and companies. ...
Paydra@cock.li Ransomware
Paydra@cock.li Ransomware is a threat that enciphers files and appends a second extension, which ought to look like this: .id-{unique ID}.[paydra@cock.li].html, e.g., flowers.png.id-B4500913.[paydra@cock.li].html. As usual for such threats, it should also display a ransom note in which its developers demand that their victims pay a ransom. What we recommend is not to rush. You should first try to remember when you last backed up your data. In case you can easily replace your most valuable or precious files with backup files, we advise ignoring the ransom note and erasing Paydra@cock.li Ransomware. ...
Darus Ransomware
What are you supposed to do when Darus Ransomware invades your operating system? Well, what you should not do is panic. If you panic, the ransom note that the attackers introduce to you might seem believable, and you might make some stupid moves. Sending a message to the criminals is one of these stupid moves, and we discuss it further in the report. Paying a ransom is yet another bad move. Luckily, you do not need to ponder between being silly and being safe because a free decryptor is already available. This tool will restore your files, and the only thing you will need to do is delete Darus Ransomware from your Windows operating system. ...
'I'm a programmer who cracked your email account' Scam
In this article, we discuss the so-called 'I'm a programmer who cracked your email account' Scam. Such scams are called sextortion scams since their victims receive messages claiming they were caught while watching adult content. The hackers behind such scams demand that their victims pay for their silence. Sadly, users unaware of such fraudulent schemes might end up wasting hundreds of US dollars. Our specialists confirmed there was already money in the cybercriminals’ Bitcoin wallet when they started researching it. The truth is that people behind such threats are just pretending to have discreditable information so they can blackmail their victims. ...
ExpBoot Ransomware
Sometimes, before real danger creeps in, we get to deal with something that only mimics the actual threat. This concept applies to ransomware, too. ExpBoot Ransomware might look like a very dangerous infection, but it cannot do much. It cannot even encrypt your files because it is not sophisticated enough. At the same time, it means that it is easy to remove ExpBoot Ransomware from your computer, and you should really look out for something more terrifying soon to come. After all, this program might be just testing the waters for another infection that would most certainly do the job of encrypting every single personal file. ...