Monthly Archives: October 2019

Will Olympic Destroyer Come Back in 2020?

The Olympic Games is one of the most-watched sports events in the world. It attracts millions of viewers all around the world. It also attracts Olympic Destroyer and various other kinds of malware. Sadly, we live in a world in which cybercriminals exist, and their goals range from stealing and selling confidential data to tarnishing the name and reputation of the Olympic Games organizers. Although the attackers behind this malware were able to successfully attack those involved in the organization of the Pyeongchang Winter Olympic Games in 2018, the event went on as planned, and the attackers were not able to cause irreversible damage.

.crypted000007 File Extension Ransomware

.crypted000007 File Extension Ransomware is an old ransomware infection that was released around a year ago. If you happen to have this program on board, you must have encountered some old spam campaign that led to the infection. Since the program is old, it is very likely that there is a public decryption tool available. Nevertheless, you should still back up your files on an external hard drive or a cloud drive because you can never know when another similar infection could enter your system again. Thus, when you remove .crypted000007 File Extension Ransomware, make sure you protect your system from harm.

Skipper

Skipper is a Trojan, and if you are not cautious, it could be used to open up a backdoor straight into your operating system. This malicious Trojan has been found to be employed by the Turla APT (Advanced Persistent Threat) group. The group is famous for creating and using multiple different tools in their attacks. A few others include Topinambour and KopiLuwak, and if you want to learn more about them, detailed articles and removal guides are already available. If you have found any of this malware on your operating system, there is a good chance that your virtual security has been jeopardized already. Although the backdoor does not offer a great variety of functions, the attackers can use it for the most basic actions necessary for highly complex and aggressive attacks. Ultimately, this malware is extremely dangerous, and you want to get rid of it as soon as possible. If you are not yet sure whether or not you need to delete Skipper, employ a trusted malware scanner, and you will find out right away.

ShellTea PoS Malware Threatens the Hospitality Industry

When you stay at a hotel, the last thing you want to worry about is whether or not your credit card data is safe. Well, if ShellTea has silently invaded the network of the hotel you are staying at, this data is not safe. Of course, there is nothing you can do about it because it is the hotel’s responsibility to take care of this. This malware was created by FIN8, and Morphisec Labs observed it attacking operating systems in the spring. Unfortunately, it is impossible to say whether or not there will be other attacks from this group targeting hotels. In fact, the last time this malware was seen was back in 2017, and so we really cannot know when this malware will strike next.

Novter Botnet

Novter Botnet is a file-less botnet that is used to control infected machines. Users often do not know that they are infected with a botnet, and they might continue using their computers for a long time before they notice that something is wrong. If your computer has been acting weird, and you want to know whether it has been affected by this botnet, you can scan your system with the SpyHunter free scanner. If the infection is found, please remove Novter Botnet as soon as possible. Should you need any help with malware removal, feel free to leave us a comment.

'My Trojan Captured All Your Private Information Email' Scam

Do you ever wonder what to do with email scams that reach you? The easiest answer is to delete them from your inbox at once. However, sometimes users fall for these scams, and so we feel obliged to talk about the scam that could cause some trouble.

This time, we would like you to pay attention to the 'My Trojan Captured All Your Private Information Email' Scam. It is an old email spam campaign, and there is no trick behind its removal. You simply need to ignore its contents and delete the message without even checking it.

Purple Fox

Purple Fox is a Trojan downloader that might enter a target system through common software vulnerabilities. This infection is a particularly sneaky one because the Trojan downloader itself is fileless. This essentially means that you cannot remove Purple Fox from your system as it doesn’t drop any additional files. It can, however, drop other malicious infections on your system, so you will do yourself a favor if you run a full system scan with a licensed antispyware tool right now. After all, Trojan infections are hard to spot unless you are a computer expert, so regular system scans are a must.

Karl Ransomware

Karl Ransomware might be a devastating surprise to any user who does not back up his files and does not feel like paying around $500 to restore them. The malicious application locks all personal data and shows a note claiming a victim must pay to receive a tool that can decrypt all files. Of course, there are no guarantees such a tool will reach you. Thus, doing as told might result in you losing not just your data, but also a considerable sum of money. If you want to know more about the malware before choosing what to do, we encourage you to read our full article. On the other hand, if you have already decided not to comply with the hackers’ terms, you could erase Karl Ransomware by following our removal instructions provided below this text. Our researchers say it might be best to deal with the malware immediately since it could relaunch when the system restarts and encrypt more files. If deleting it manually seems too tricky, you can use a legitimate antimalware tool instead.

Hermes837 Ransomware

You need to take the security of your personal files seriously because Hermes837 Ransomware is just one of the thousands of infections that could corrupt your files under the right conditions. Needless to say, this malware is most likely to affect systems that are unguarded, but lack of overall protection is not the only condition that the attackers need. In most cases, ransomware like this one spreads using spam emails and bundled downloaders. In both cases, users have to open the spam emails and execute the downloaders, and so users’ carelessness is also a condition that, unfortunately, is not talked about enough. If cybercriminals manage to execute ransomware on your operating system, documents, photos, archives, videos, and various other types of files are encrypted, which means that data is scrambled. When it is scrambled, the files cannot be read, and if you cannot read your files, you might be manipulated into following the demands of the attackers. Instead of doing that, we recommend deleting Hermes837 Ransomware, but if you need more information before you can initiate removal, keep reading.

GoRansom Ransomware

You have to secure your Windows operating system now because a single security crack could help the dangerous GoRansom Ransomware slither in. Also known as GoRansom POC Ransomware, this malicious threat was created for an unknown purpose. According to the Anti-Spyware-101.com research team, the infection might have been created by someone interested in experiments and tests, and maybe it is not intended for mass attacks. However, it is also possible that whoever stands behind this malware is learning and getting ready to strike in a real way, just like LOCKED_PAY Ransomware, Seto Ransomware, Save Ransomware, and many other malicious infections can. These threats – along with thousands of others alike – are created to corrupt files and demand money in return for decryption tools and software. The current version of the threat we are discussing in this report does not request that. While it is unlikely to attack, if it has encrypted your files, you must delete GoRansom Ransomware ASAP.