Author Archives: Max Lehmann - Page 4

FlowerPippi

If you are informed about the existence of FlowerPippi, you need to make sure that you remove this threat as soon as possible. You also need to inspect your operating system for other threats because this backdoor malware is unlikely to exist on its own. In the summer of 2019, this malicious threat was found to spread via spam emails along with Gelup, another Trojan that, of course, requires elimination as well. These two infections are believed to belong to the TA505 group, which has been sending its malware in many different directions. Its activity has been recorded in Morocco, the Middle East, and also Australia, Japan, and the Philippines. If you live in these three countries, you are more likely to need to delete FlowerPippi from your operating system. So, how can you get rid of this malware and, more importantly, how can you ensure protection against it in the future? Read more »

VeePN

In this report, we are discussing the VeePN Chrome extension that the users of this browser can acquire from the popular Chrome web store at chrome.google.com/webstore/detail/veepn-unlimited-free-fast/majdfhpaihoncoakbjgbdhglocklcgno. The extension is free, and so it is no surprise that over 11,300 Chrome users have downloaded it already. The program also has a shining 4.5/5 star rating (from 49 users), but it has a mixed bag of reviews. Some of them make the extension sound amazing, while others might create doubts and make you question its versatility and usefulness. According to the Anti-Spyware-101.com research team, the extension works, and although it has a limited number of free VPN servers (at the time, we had six to choose from), it offers more for those willing to pay for the Premium service. Despite this, some Chrome users choose to remove VeePN from their browsers. Are there specific reasons for that, or do these users find better tools? Continue reading to find out, and note that a guide showing how to delete the potentially unwanted program (PUP) from Chrome is available below. Read more »

SaveTheQueen Ransomware

SaveTheQueen Ransomware is a recently created file-encrypting threat. It is possible that we encountered a test version, which means the malware could still be in development. Our researchers think so because the malicious application does not drop a ransom note. Showing a ransom note is typical behavior for ransomware as such programs are mostly used to extort money from regular home users, businesses, or institutions. Further, we explain how our encountered variant works, how it could be distributed, and how it could be erased if it enters a system. At the end of this text, we also provide deletion steps that show how to remove SaveTheQueen Ransomware manually, although we cannot guarantee the instructions will still work if hackers release a new version of the malware. Read more »

CStealer Threatens the Security of Google Chrome Users by Stealing Passwords

Do you use Google Chrome on a daily basis? Perhaps you use it at work, or maybe you only use it at home. Whatever the case is, we are sure that you want to be safe while using this web browser. Unsurprisingly, Google Chrome is the most popular browser, with more than 69% of people using it all around the world. Unfortunately, the most popular services are usually the ones that are targeted by schemers and cybercriminals in most cases too. CStealer is a dangerous Trojan that was created to go after Google Chrome users specifically, and if it is successful, it can steal sensitive passwords stored on this browser. Read more »

Trojan.PyXie.A

Trojan.PyXie.A is a malicious computer infection that can remain hidden in the target system for a long time before the infected user does anything about it. It is a Trojan that works as a Remote Access Tool (RAT), and so it has a pretty wide functionality, which allows other cybercriminals to make use of this infection. In some cases, Trojan.PyXie.A can also be used to distribute ransomware, so the sooner you remove it from your system, the better. The best way to find out whether you have this threat on board is to run regular system scans with a reliable security tool. Read more »

Msop Ransomware

Msop Ransomware is not the kind of threat that you would ever consider to be harmless. It does not try to disguise itself because that is not something that cybercriminals behind this malware need to do. Sure, they need to execute this malware silently, so that your personal files could be corrupted without disturbance, but once that is done, the threat needs to reveal itself. The purpose of this threat is to push victims into paying a ransom in return for a tool that, allegedly, could be used to decrypt files. Therefore, once files are corrupted, the infection immediately introduces you to a file named “_readme.txt.” We discuss the contents of this text file further in the report. We also discuss how the infection spreads, and how to keep your operating system protected against it in the future. Most important, we discuss how to delete Msop Ransomware, and we are almost certain that you have found this article because you already know just how important the removal of this threat is. Read more »

Awesome Sports Search

Awesome Sports Search is a PUP or a potentially unwanted program. Tools from this category might not be dangerous, but they may have annoying or undesired qualities, which might make some users want to erase them. In this case, users could find it irritating that the application might change their default search engine, gather information, or show third-party advertisements. If you do not want to keep an extension that might act this way on your browser, we recommend deleting it while following the instructions provided below this article or employing a legitimate antimalware tool that could remove Awesome Sports Search for you. Of course, if you wish to know more about the PUP before deciding what to do, we invite you to read the rest of our article first. Read more »

Pagefinder

Pagefinder promises to help you “access popular sites instantly,” and although you might think that this Google Chrome extension can be convenient, we want to warn you that it was classified as a potentially unwanted program (PUP) by our malware research team at Anti-Spyware-101.com. It is most likely that Chrome users are introduced to this program via pop-ups, misleading links, and redirection. Without a doubt, if you are ever introduced to an unfamiliar program in a strange manner, you should automatically become suspicious. If you decide that the program you are introduced to is just too good to pass up, you need to do research, and it is possible that you have stumbled upon this article exactly because of that. If you have not installed the extension yet, we suggest that you forget about it. If you have installed it already, you should definitely continue reading because the information we have gathered might make you want to remove Pagefinder. Read more »

Dharma-Ninja Ransomware

Did Dharma-Ninja Ransomware encrypt files on your operating system? You can determine that by looking at the names of your files and by trying to open them. The “.id-{ID}.[ninja777@cock.li].ninja” extension should be added to the names, and when you try to open the files, you should be unable to do it. The files become unreadable after encryption because the threat changes the data within. Unfortunately, you cannot click a button or use an existing program to change things back to normal. Once files are encrypted, they are likely to be encrypted for good. Of course, the attackers want you to believe that you can restore files using their decryption software. Can you? That is unlikely to be the case, and Anti-Spyware-101.com researchers are ready to explain why. We also can explain how to delete Dharma-Ninja Ransomware. Keep reading to learn more, and do not forget to post questions in the comments section below if you want to. Read more »

RSA Ransomware

RSA Ransomware was created by hackers who want to extort money from their victims. Therefore, the malicious application was programmed to encrypt personal data and display a ransom note asking to pay for their decryption. While hackers may claim they will provide needed decryption tools right after they get their money, we would not rush to trust them. There is always a risk they may not bother delivering the promised tools or that they might ask for more money. Thus, the best way to restore your files would be using backup copies. Of course, not every user backs up their files, in which case, encrypted data could be lost if a victim does not want to put up with hackers’ demands. Whatever your decision is, we recommend removing RSA Ransomware because it might be risky to leave it undeleted. To find out more about it as well as learn how to erase it, we invite you to continue reading. Read more »