Author Archives: Max Lehmann - Page 4

Retadup

Retadup is a vicious threat that was used to distribute cryptocurrency miners, ransomware, and other malicious applications. Luckily, cybersecurity experts were able to deactivate the malware, and it should no longer be distributed. In this article, we talk about how the threat works and what harm it could cause to you and your computer if you leave it unattended. Also, we discuss what safety precautions one ought to take after detecting this malicious application on their system. Plus, at the end of this article, we display instructions showing how to locate files belonging to the malware and how to erase them to get rid of Retadup manually. Needless to say, using a legitimate antimalware tool might be a faster way to deal with this worm, especially if you have had no experience with such vicious infections so far.

My Flight Finder Tab

Whether you travel a lot or like to daydream about going to places, you could come across an extension called My Flight Finder Tab. Another condition for encountering this plugin is using Google Chrome, as it appears to be the only browser the application is compatible with for now. There are a few things users who might be considering this extension ought to know, like the fact that it falls under the classification of potentially unwanted programs. It does not mean the tool is malicious, but it is possible it could have unwanted or annoying qualities. To learn more about it, we encourage you to read our full article. In case you already placed My Flight Finder Tab on your browser without knowing how it works first, and now wish to erase it, we advise using our provided deletion instructions or a legitimate antimalware tool.

Freezing Ransomware

At the time of research, Freezing Ransomware was not a fully-functional infection. As a matter of fact, our research team at Anti-Spyware-101.com believed that it was not fully developed. It is hard to say if the attackers behind this malware would continue with its development or when the infection would be unleashed, but even if we do not see this infection emerging as a real file-encryptor, we need to prepare for its potential attacks. At this point, it is impossible to know how this threat would be distributed, but it is possible that the attackers would expose Windows users to its installer via misleading emails, using bundled downloaders from unreliable file-sharing sites, or by exploiting Windows security vulnerabilities. These are the methods that are often employed to distribute Crash Ransomware, Angus Ransomware (Zeropadypt variant), Hermes837 Ransomware, GoRansom Ransomware, and other malicious infections alike. Removal guides for these threats already exist on our website, and in this report, we hope to show you how to delete Freezing Ransomware successfully.

Will Olympic Destroyer Come Back in 2020?

The Olympic Games is one of the most-watched sports events in the world. It attracts millions of viewers all around the world. It also attracts Olympic Destroyer and various other kinds of malware. Sadly, we live in a world in which cybercriminals exist, and their goals range from stealing and selling confidential data to tarnishing the name and reputation of the Olympic Games organizers. Although the attackers behind this malware were able to successfully attack those involved in the organization of the Pyeongchang Winter Olympic Games in 2018, the event went on as planned, and the attackers were not able to create irreversible damage.

Skipper

Skipper is a Trojan, and if you are not cautious, it could be used to open up a backdoor straight into your operating system. This malicious Trojan has been found to be employed by the Turla APT (Advanced Persistent Threat) group. The group is famous for creating and using multiple different tools in their attacks. A few others include Topinambour and KopiLuwak, and if you want to learn more about them, detailed articles and removal guides are already available. If you have found any of this malware on your operating system, there is a good chance that your virtual security has been jeopardized already. Although the backdoor does not offer a great variety of functions, the attackers can use it for the most basic actions necessary for highly complex and aggressive attacks. Ultimately, this malware is extremely dangerous, and you want to get rid of it as soon as possible. If you are not yet sure whether or not you need to delete Skipper, employ a trusted malware scanner, and you will find out right away.

Purple Fox

Purple Fox is a Trojan downloader that might enter a target system through common software vulnerabilities. This infection is a particularly sneaky one because the Trojan downloader itself is fileless. This practically means that you cannot remove Purple Fox from your system, as it doesn’t drop any additional files. It can, however, drop other malicious infections on your system, so you will do yourself a favor if you run a full system scan with a licensed antispyware tool right now. After all, Trojan infections are hard to spot unless you are a computer expert, so regular system scans are a must.

GoRansom Ransomware

You have to secure your Windows operating system now because a single security crack could help the dangerous GoRansom Ransomware slither in. Also known as GoRansom POC Ransomware, this malicious threat was created for an unknown purpose. According to the Anti-Spyware-101.com research team, the infection might have been created by someone interested in experiments and tests, and maybe it is not intended for mass attacks. However, it is also possible that whoever stands behind this malware is learning and getting ready to strike in a real way, just like LOCKED_PAY Ransomware, Seto Ransomware, Save Ransomware, and many other malicious infections can. These threats – along with thousands of others alike – are created to corrupt files and demand money in return for decryption tools and software. The current version of the threat we are discussing in this report does not request that. While it is unlikely to attack, if it has encrypted your files, you must delete GoRansom Ransomware ASAP.

Seto Ransomware

You do not want your files to be encrypted by any infection, but especially not Seto Ransomware, because you might be unable to get them back. Although files are not deleted or moved, their data is changed so that they could be read only with a special decryptor. According to Anti-Spyware-101.com analysts, a free decryptor has been released by malware researchers, but this tool cannot decrypt all files or any files if they were not encrypted with an offline key. Basically, even though a decryptor exists, we cannot know for sure whether or not you would be able to have them decrypted. That, of course, does not mean that you are completely screwed. If you have backups of your personal files stored outside the infected computer, you should be able to use them as replacements for the corrupted ones. Hopefully, that is the scenario you are in, but we suggest replacing files only after you remove Seto Ransomware. After all, this is malware that cybercriminals have created, and you want it gone ASAP.

Ultra Music Search

Ultra Music Search may seem like a perfect tool for users who cannot live without music, but there might be something about this extension that could make you want to get rid of it. Our researchers say the application might show irritating advertisements and notifications while surfing the Internet. For some users, such behavior could disturb their browsing. Consequently, the app was classified as a potentially unwanted program. If Ultra Music Search seems annoying to you and you do not want to keep it on your browser any longer, we can offer our deletion instructions provided at the end of this article. Also, you can find a comments section below where you can leave us a message if you have any questions about this potentially unwanted program or its deletion.

Kronos Ransomware

Kronos Ransomware shows a note through which the malware’s creators try to convince their victims to pay a ransom. In exchange, the hackers promise to send a decryptor that could decipher the files affected by the threat. They even promise to prove that they have the needed decryptor by allowing their victims to send one file for free decryption. Even so, we would not recommend agreeing to pay a ransom if you do not want to risk losing your money in vain. That risk is real because, even if the cybercriminals have the promised recovery tools, there is no guarantee they will send them to you. In any case, it is up to you to decide what you should do. If you choose to eliminate Kronos Ransomware, we advise using the instructions available at the end of this article or a chosen antimalware tool. In case you want to get to know the threat better, we invite you to read our full article.