Cerber Ransomware

Cerber Ransomware is a devious Windows infection that enters your operating system using clandestine methods. Whether this program slithers in via a corrupted spam email attachment or gets downloaded by a malicious installer, it will hide itself until all of your personal files are encrypted. If this malicious infection successfully encrypts your personal files, it can proceed to demand a ransom from you. According to our research, at the moment, this ransom is 1.24 BTC, which is around 507 USD or 463 EUR. Every user is given 7 days to make the payment, and, if the payment is not made, the ransom supposedly rises to 2.48 BTC (~1014 USD/925 EUR). Note that the Bitcoin currency is quite unstable and the currency ratios fluctuate frequently. All in all, the sums are high, and it is unlikely that many victims have this kind of money lying around. Unfortunately, at the moment, it is impossible to decrypt personal files in other ways, which means that paying the ransom might be the only way to regain control over your files. Of course, this does not change the fact that you must remove Cerber Ransomware.

KOK8 Ransomware

KOK8 Ransomware is a threat that changes the computer’s background picture, encrypts all private data of its user, and then shows a message asking to email the hackers who created it to receive decryption tools. Given that ransomware applications are tools for extorting victims, we have no doubt the reply from the cybercriminals should ask for a ransom. What you should realize is that dealing with these people could be hazardous, as there are no reassurances they will not scam you. Thus, if you do not like the idea that you would have to pay for tools you may never receive, we would advise ignoring the malware’s ransom note. Leaving the threat could still be dangerous, so we highly recommend removing KOK8 Ransomware. To make the task easier, we have prepared manual deletion instructions located at the end of this article.

Dark Tequila

Malware researchers have recently become aware of a new malicious application. It has received the name Dark Tequila. The infection is not exactly new. The thorough analysis carried out by malware researchers has clearly shown that Dark Tequila has been active since 2013. We can only imagine how many users it has already affected, but since it is capable of replicating itself like a worm, it is very likely that thousands of users have already fallen victim to it. It is not that easy to find out about the successful entrance of this infection, so we do not blame those users who find out about its successful infiltration only when they realize that some financial information and login credentials have been stolen from them. Dark Tequila uses sophisticated evasion techniques in order not to get caught. Specifically, specialists have observed that it uses UPX and Yoda crypter to avoid detection. Of course, it does not mean that it is impossible to find out about its presence on the system. You just need to perform a scan with a diagnostic antimalware scanner. If malware is detected, make sure you erase it ASAP. Do not forget that it has infiltrated your computer to steal sensitive information!

TotalWipeOut Ransomware

At the moment, TotalWipeOut Ransomware cannot wipe out your personal files, but it is built as a file-encryptor, and so it would be a mistake to underestimate this infection. The Anti-Spyware-101.com research team has recently obtained a sample of this malware, and it was tested in our internal lab. The conclusion: It is not a threat yet, but it could be upgraded to attack Windows systems and encrypt files. This is why we must discuss this threat and, of course, its removal. If you do not know what to think about this infection, and you have no idea how to get rid of it, you should keep reading this report. We show how to delete TotalWipeOut Ransomware from the operating system, and we provide you with tips that should help you keep malicious infections away in the future. Don’t forget that while you might be most interested in eliminating the ransomware at this point, it is crucial that you take into account that securing your operating system is the most important task.

Scarab-Good Ransomware

It would be a lie if we told you that Scarab-Good Ransomware is a brand new malicious application because it is surely not. Research has clearly shown that this malicious application is a new Scarab Ransomware version. Just like all the previous versions of this threat, it mercilessly encrypts files on users’ computers. We are sure this will not go unnoticed. You will find out soon after its successful entrance that you can no longer access almost all files you consider valuable, including your documents, music, and pictures. Scarab-Good Ransomware is one of those nasty infections that try to obtain money by any means, so do not expect to unlock your files by erasing this infection from your system. Your files will stay encrypted even if you fully erase this ransomware infection. Unfortunately, it might be impossible to decrypt files locked by this threat – they are all encrypted using a strong encryption algorithm. Usually, ransomware infections use the Advanced Encryption Standard (AES) to lock data on affected computers, which is definitely one of the strongest encryption algorithms available, so cracking it might be quite a problem. Usually, the only option victims have is the retrieval of files from a backup. If you have not backed up your files once in your life, those encrypted files might stay locked forever because it is not very likely that free decryption software that could help you will be developed anytime soon.

Trojan.Redgamble

You do not want Trojan.Redgamble invading your operating system because if it does, it can steal highly personal information in a completely clandestine manner. This infection does not need to trick you into giving this information up, as it can use its own elements to steal this information illegally. According to the Anti-Spyware-101.com research team, the infection can record data and capture screenshots to obtain even more information. The strange thing is that this malicious infection appears to have been created for the collection of very specific information. Do you play online gambling games, such as poker? If you do, you are the target of this Trojan. Of course, we cannot rule out the possibility that other types of personal information could be recorded by the infection, and that gives an additional push to remove it. Are you afraid you cannot delete Trojan.Redgamble from your operating system manually? Do not worry about this. We’ve got you. Of course, if we fail to answer all your questions in this report, you can always post your comments below.

Mimicry Ransomware

Mimicry Ransomware might not look like much of a dangerous threat until it unleashes its malicious spell upon your computer. Perhaps you can already tell from its name that this program has something to do with a ransom.

The point is that this infection holds your files “hostage” until you supposedly transfer the ransom fee. However, we would like to point out that paying the ransom does not guarantee this program would “release” your files. Hence, you should focus on removing Mimicry Ransomware from your system, and the idea of paying the ransom should not even cross your mind.

Golden Ransomware

Golden Ransomware is not a threat that works fully, but it does not mean that you are safe – crooks might soon release its final update and then it will lock your personal files without mercy. At the time of analysis, the infection was still in the development phase and thus did not lock a single file on our testing machine, but we cannot guarantee that you will be that lucky if you encounter its new version. Even if you encounter the same version analyzed by researchers at anti-spyware-101.com, it will still cause you trouble because it will execute the command shutdown -a to make sure it cannot be closed or killed by the user. In other words, it is a persistent infection that does all it can to make sure it does not get removed. It does not mean that it cannot be erased. We cannot promise that it will be easy to eliminate it, but you could still delete it from the system yourself manually after you boot into Safe Mode or Safe Mode with Networking. We want to emphasize that you have to choose Safe Mode with Networking if you plan to download an automated malware remover and delete Golden Ransomware automatically.

Jeff Ransomware

After taking a closer look at Jeff Ransomware, our researchers concluded it is probably still being developed. Therefore, we doubt the malware could be spread among a lot of users. Nonetheless, we believe it is essential to learn about it just the same in case it gets upgraded and becomes a serious threat. In the article, we will explain why we believe it is not yet finished and talk about how it works. Moreover, users who are interested in how it could be erased will find instructions showing how to do so manually. Of course, if you encounter an updated version of Jeff Ransomware, it might act differently, and the provided deletion guide may not help you remove it completely. For this reason, it might be best to use a legitimate antimalware tool that could take care of the malicious program with no trouble.

My Daily Verse XP

If you study the Bible daily, extensions like My Daily Verse XP might catch your eye. At the moment, this suspicious add-on does not have an official download page, but it is known that it used to be offered at mydailyversexp.com/DailyBible and chrome.google.com/webstore/detail/my-daily-bible-verse-xp/poamjgfcppmnpeoihkdpbfpjjbiflpib. The official download website and the Chrome web store page have been taken down, and now the potentially unwanted program is believed to spread via third-party installers. They can deliver software bundles that carry both harmless and malicious programs. While we advise deleting My Daily Verse XP, we cannot make any claims about this extension being extremely malicious. Unfortunately, the programs this PUP could come packaged with could be very malicious, and they might require immediate removal. Due to this, we suggest scanning your operating system before you move on. If critical threats are uncovered, you need to get rid of them as soon as possible. Afterward, you can address the suspicious application and the search tool that comes along with it.

DBGer Ransomware

DBGer Ransomware is a malicious program that may attack computers vulnerable to the so-called EternalBlue exploit. If the malware succeeds and settles in, it should encipher the user’s photos, documents, and other personal files with a secure encryption algorithm. As a result, the device should be unable to recognize the modified files, meaning the only way to access them is to decrypt them. Sadly, the only ones capable of deciphering data encrypted by DBGer Ransomware are the hackers who created it, and they ask for around six thousand US dollars for such services. Naturally, if you do not have so much money to spare, or do not want to risk being scammed, we would advise ignoring the malware’s displayed ransom note. For more information about the threat and the ways it can be erased, you should read our full article.