Posts

Showing posts with the label malware removal

Office Depot to Pay $25 Million to FTC to Settle Bogus Tech Support Scam

Office Depot and Support.com, a California-based tech support software provider, will pay $25 million and $10 million respectively to the U.S. Federal Trade Commission (FTC) for pushing customers into buying services they did not need. According to the FTC press release, the agency will use the entire settlement to refund customers affected by the tech support scam run by Office Depot and Support.com. Office Depot's practices were exposed by an undercover investigation by Jesse Jones, a consumer reporter at KIRO 7 News. FTC Chairman Joe Simons said that protecting computers from malware, viruses and other cyber threats is hard enough for consumers, and added that a case like this should send a strong message to companies that swindling users into buying expensive services they do not need can...

Leaked Microsoft Edge Browser Is Rendering Google Chrome Concerned

A leaked build of Microsoft's Chromium-based Edge browser has given users their first look at the upcoming browser. Microsoft has been known for some time to be planning the release, and this leak is the earliest glimpse of it. With Chromium at its core, it is no surprise that this version of Edge looks a lot like Google Chrome. The leak also confirms much of what was already known about it: support for Chrome extensions, a dark mode, and synchronisation of preferences. Microsoft has been tight-lipped about the forthcoming Edge Insider browser, but a steady trickle of leaks has filled in some details. With this leaked build users get their first glimpse of the new Microsoft Edge, which by all accounts has the best chance yet of putting a dent in...

Now VLC site Under the Radar!

VideoLAN.org is the official site for downloading the popular VLC media player, VLMC and the project's other professional and developer tools. Bing, the search engine owned and operated by Microsoft, is displaying a damaging warning against this site. The warning appears when users hover over the first result on the page, "VLC media player – Official Site": it reads "Site might be dangerous", followed by a second warning that "it could lead you to malicious software that can harm your device". VLC media player is a well-known free, open-source and portable media player that plays almost all multimedia files as well as DVDs, VCDs and audio CDs. It is used worldwide because it is free and available for desktop operating systems and for mobile platforms including Android, Windows, iOS and Tizen. In addition, it can be downloaded from any digital dist...

Flawed API of US Postal Services Exposed 60 Million Users Data

A serious security flaw in the Application Programming Interface (API) of the US Postal Service (USPS) exposed the personal data of over 60 million users over the course of 2017 and 2018. The vulnerability on the USPS website allowed anyone with an account at usps.com to view the personal information and account details of other users, and in some cases to modify the details of the affected accounts. The exposed information included user names, user IDs, e-mail addresses, account numbers, street addresses and phone numbers. An anonymous researcher discovered the problem a year earlier and reported it to USPS, but USPS failed to act on the warning at the time. USPS patched the issue last week after security journalist Brian Krebs flagged it. Insight into the API Defect The root cause of the vulnerability is an authorization weakness (the API verified that the caller was logged in, but not that the requested record belonged to the caller) in the site's Applicati...
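The flaw class described above, a logged-in user fetching or editing another user's record because the API checks authentication but not ownership, is easiest to see side by side with its fix. The following is an added illustration, not USPS code and not a reproduction of the real usps.com API; the account records, user names and handler names are constructed.

```python
"""Object-level authorization for an account-lookup API.

Added illustration of the flaw class described above (a logged-in user fetching
another user's record); it is not USPS code and does not reproduce the real
usps.com API. Account records, user names and handler names are constructed.
"""
from typing import Dict, Optional, Tuple

# Constructed sample data: account number -> record. "owner" is the user ID of
# the customer the account belongs to.
ACCOUNTS: Dict[str, dict] = {
    "100001": {"owner": "alice", "email": "alice@example.test", "street": "1 Main St"},
    "100002": {"owner": "bob", "email": "bob@example.test", "street": "2 Elm Ave"},
}

# Fields a customer may change on their own account. "owner" is deliberately
# absent so a request body cannot reassign an account to another user.
UPDATABLE_FIELDS = {"email", "street"}

Response = Tuple[int, Optional[dict]]


def vulnerable_get_account(session_user: str, account_id: str) -> Response:
    """Authenticates but never authorizes: any logged-in user can read any record."""
    if not session_user:
        return 401, None
    record = ACCOUNTS.get(account_id)
    if record is None:
        return 404, None
    return 200, dict(record)


def _owned_record(session_user: str, account_id: str) -> Optional[dict]:
    """Return the record only if it exists and belongs to the caller."""
    record = ACCOUNTS.get(account_id)
    if record is None or record["owner"] != session_user:
        return None
    return record


def hardened_get_account(session_user: str, account_id: str) -> Response:
    """Authorization check: the record must belong to the authenticated caller.

    "Not yours" and "does not exist" both yield 404 so the endpoint cannot be
    used to enumerate which account numbers are valid.
    """
    if not session_user:
        return 401, None
    record = _owned_record(session_user, account_id)
    if record is None:
        return 404, None
    return 200, dict(record)


def hardened_update_account(session_user: str, account_id: str, changes: dict) -> Response:
    """Same ownership check before a write, plus an allow-list of fields."""
    if not session_user:
        return 401, None
    record = _owned_record(session_user, account_id)
    if record is None:
        return 404, None
    if not changes or not set(changes) <= UPDATABLE_FIELDS:
        return 400, None
    record.update(changes)
    return 200, dict(record)


if __name__ == "__main__":
    # alice is logged in and asks for bob's account number
    print("vulnerable:", vulnerable_get_account("alice", "100002"))  # leaks bob's data
    print("hardened:  ", hardened_get_account("alice", "100002"))    # (404, None)
    print("own record:", hardened_get_account("alice", "100001"))
```

The safest API shape avoids the client-supplied identifier altogether: a `/me/account` style endpoint derives the record from the session, so there is no ID for a caller to swap. Where an ID must be accepted, the ownership check belongs in one helper used by every read and write path, as above, rather than being re-implemented per endpoint.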

How to Get Rid of Rotexy Mobile Trojan?

Security researchers recently discovered a new member of the Rotexy family that has attacked over 70,000 Android devices in Russia, Germany, Ukraine and neighbouring countries. The Rotexy banking Trojan uses three distinct communication channels to receive commands and spreads through phishing links and enticing text messages sent via SMS. A recent security report described a banking Trojan from the Rotexy malware family that carried out over 70,000 attacks in a period of three months. The Rotexy mobile Trojan primarily targeted users in Russia and continues to spread. This new variant combines a mobile banking Trojan with a ransomware blocker, which makes Rotexy a serious threat. Researchers registered over 40,000 attack attempts by this banking Trojan during August and September. The Trojan aims to plant a malicious app on Android smart ph...

Adware Doctor: A Security App for Apple users with malicious intentions

Ever wondered whether the software meant to guard your system against malware could itself be the threat? Recent security research showed that Adware Doctor, a popular anti-malware app that was supposed to protect Mac users from privacy and security threats, was instead siphoning off their browsing history and information about running processes and installed applications. Apple, a brand widely regarded as strong on security, has come under scrutiny for not acting quickly to remove the dubious app. What is Adware Doctor? Adware Doctor was one of the top paid apps in the Mac App Store (sold for $14.99), with a 4.8-star rating and over 7,000 reviews. The app claimed to: 1. Remove suspicious and unwanted extensions 2. Clear browser cookies and caches to restore your browser 3. Remove adware, malware and other system infections from Macs 4. Kill annoying pop-ups and 5. R...

Google Plucks Chrome Bug that Exploits Audio or Video HTML Tags

HTML5 is the latest version of HTML (HyperText Markup Language); it adds new elements, attributes and behaviours for building richer websites and applications. Its media API lets a page play video and audio directly in the browser without a cumbersome plug-in such as Flash. Google Chrome, one of the most widely used browsers, recently fixed a bug that allowed attackers to abuse the video and audio HTML tags to leak users' private information from other websites. Google tracks the vulnerability as CVE-2018-6177, and it was fixed in Chrome 68.0.3440.75. Users who keep running older versions may fall prey to attackers who lure them to malicious websites that exploit this bug.

Hackers target Indian Bank : Steal $13.5 Million across 3 days

Banks remain a favourite target of cyber criminals. The internet, virtualisation and digitisation have made business and handling money easier, but they have also increased cyber crime. To speed up financial transactions such as cash withdrawals, deposits, balance enquiries and fund transfers, the cash machine was proposed in 1967. Since then these cash machines, known as ATMs (Automated Teller Machines), have become ubiquitous; besides offering convenience to customers, they have reduced the workload of bank staff. With cyber crime on the rise, taking precautions and regularly updating cyber preparedness and defence mechanisms is essential. Yet many institutions act only after an incident has caused financial loss or reputational damage. Recently Cosmos Bank, India's second largest cooperative bank, suffered a breach on i...

13 iPhone Users targeted by attackers using MDM Malware!

Security researchers recently uncovered a campaign, active since August 2015, that used the MDM protocol to spy on 13 iPhone users in India. The attackers posed as Russians but were most probably operating from India. MDM (Mobile Device Management) is a management framework used by large companies to monitor the devices used by their workforce and enforce policies on them. In this campaign the MDM protocol was used to push and manage new applications remotely. The MDM protocol works together with the Apple Push Notification service (APNs): the MDM server sends a wake-up notification to the enrolled device, which then connects to a predetermined web service that can be used to issue commands or install apps and services on the targeted device. The researchers were unable to determine how the attackers managed to install the MDM malware on the 13 iPho...

How to remove PoisonFang Ransomware from the system?

What is PoisonFang? PoisonFang is a harmful program categorised as ransomware. The code was developed as an academic research project at the Technion, Israel Institute of Technology, by Omer Cohen and Tal Porat. As nothing on the internet is ever entirely safe, cyber criminals managed to steal the project, and now use PoisonFang to extort innocent users by encrypting their files and demanding a ransom. It is a new threat that shares no code with other well-known ransomware. PoisonFang is distributed through spam e-mail attachments, malicious links, torrents and peer-to-peer networks. Once opened, the attachment in the spam e-mail downloads the PoisonFang payload onto the system. Malicious links and fake websites can also be used to infect a system, and torrents can be used to embed the ...

Site Isolation Feature enabled by Google for 99% of Chrome Desktop Users

When most web browsers were designed, web pages were simple and were rendered in a single process to keep resource usage low. Since then the active content of web pages has changed substantially. From JavaScript, used to make pages interactive and build richer user interfaces with less server load, to Flash, Adobe's technology for animation on web pages, web pages today are full of "web apps". Browsers that keep all running apps in one process face real problems with security, responsiveness and robustness:
1. If one web app crashes, it takes the whole browser with it, including every other open web app.
2. Web apps compete for CPU time on a single thread, which leaves the browser unresponsive at times.
3. A web page may carry malicious code that can compromise the entire system.
Hence the browser must keep different apps isolated ...

How to Remove Boris Ransomware?

What is Boris Ransomware and how does it work? Boris ransomware is file-encrypting malware based on the infamous HiddenTear family; it encrypts files with the AES-256 cipher. Once installed on the system, via malicious websites or spam e-mail attachments, it scans the PC for files with the following extensions and encrypts them: .PNG, .GIF, .JPG, .PDF, .XLR, .XLS, .XLSX, .SQL, .APK, .COM, .EXE, .JAR, CAD files, .CSS, .HTML, .PHP, .DOC, .DOCX, .LOG, .TXT, .CSV, .KEY, .PPT, .PPTX and many more. Encrypted files are given the extension [decode77@sfetter.com].boris; for instance, a file named "abc.pdf" is renamed to "abc.pdf.[decode77@sfetter.com].boris" and is completely unusable. Victims are informed of this by a dropped ransom note file, "README.txt", which discloses little and reads as follows. Two versions of this ransom no...

Adware, Miners & unwanted extensions being pushed by Fake Adult sites!

Fake adult sites are being used as an outlet for malware such as adware, in-browser cryptocurrency miners, PUPs, unwanted browser extensions and "utility" software such as media players, security software and games. Unsuspecting users are easily taken in by scams and fall into the traps laid by cyber criminals. Most visitors to these sites expect excessive ads and pop-ups; being redirected on an adult site is considered normal, and users simply close the redirect and move on. So when they see a prompt to update their media player on a page where they are trying to watch a video, most users install the "update". That so-called media player update is just another door for the attackers to walk into the system and install malicious software without the user's consent. Tricking the user into installing the adware, in-browser miner, extensions and so on is what most of these operators do. ...

How to Remove King Ouroboros Ransomware from the Computer?

What is King Ouroboros Ransomware? King Ouroboros is a file-encrypting virus categorised as ransomware. It is dangerous and destructive malware that installs itself on the user's system and encrypts files with a strong encryption key. Personal files such as photos, videos and documents are encrypted and given the '.king_ouroboros' extension by the King Ouroboros ransomware. It uses AES-256 to encrypt the files and then demands a ransom for the decryption key. Once the data has been encrypted, the user can no longer open the files and is shown a ransom note. King Ouroboros Ransomware — Threat Behavior King Ouroboros infiltrates the user's system through a variety of methods, including spam e-mail campaigns, fake software update notifications, peer-to-peer networks, unsecured websites and ...
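Both the Boris and the King Ouroboros posts above give the renamed-file pattern and (for Boris) the ransom note name, which is exactly what an incident responder sweeps a disk for to scope an infection. The following triage script is an added example, not from the original page or from any vendor tool: it walks a directory tree looking for the two extension patterns quoted above and for README.txt, and tallies which file types were lost. The directory it scans is constructed in a temporary folder; the King Ouroboros note filename is not given on the page, so only README.txt is treated as a note.

```python
"""Offline triage sweep for files renamed by the Boris and King Ouroboros
ransomware described above.

Added example, not from the original page or any vendor tool. The tree it
walks is constructed in a temporary folder; the extension patterns are the two
the page reports, and README.txt is the only note name the page gives.
"""
import os
import re
import tempfile
from collections import Counter
from pathlib import Path

# "<name>.<ext>.[decode77@sfetter.com].boris" and "<name>.<ext>.king_ouroboros".
# The brackets and dots are escaped; unescaped, "[...]" would be read as a
# character class and match almost anything.
FAMILY_PATTERNS = {
    "Boris": re.compile(r"^(?P<orig>.+)\.\[decode77@sfetter\.com\]\.boris$"),
    "King Ouroboros": re.compile(r"^(?P<orig>.+)\.king_ouroboros$"),
}
RANSOM_NOTE_NAMES = {"README.txt"}


def classify(filename: str):
    """Return (family, original filename) if the name carries a known extension."""
    for family, pattern in FAMILY_PATTERNS.items():
        match = pattern.match(filename)
        if match:
            return family, match.group("orig")
    return None, None


def sweep(root: str) -> dict:
    """Walk root and tally encrypted files and ransom notes."""
    findings = {
        "encrypted": [],            # (path, family, original name)
        "notes": [],                # ransom note paths
        "by_family": Counter(),
        "by_orig_ext": Counter(),   # which file types the victim lost
    }
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name in RANSOM_NOTE_NAMES:
                findings["notes"].append(path)
                continue
            family, orig = classify(name)
            if family is None:
                continue
            findings["encrypted"].append((path, family, orig))
            findings["by_family"][family] += 1
            findings["by_orig_ext"][Path(orig).suffix.lower() or "(none)"] += 1
    return findings


def build_sample_tree() -> str:
    """Create a constructed victim directory so the sweep runs offline."""
    root = tempfile.mkdtemp(prefix="ransom_triage_")
    samples = [
        "docs/abc.pdf.[decode77@sfetter.com].boris",
        "docs/budget.xlsx.[decode77@sfetter.com].boris",
        "docs/README.txt",
        "pics/holiday.jpg.king_ouroboros",
        "pics/notes.txt",                      # untouched file
        "src/app.js.king_ouroboros",
    ]
    for rel in samples:
        target = Path(root, rel)
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(b"constructed sample, not real ciphertext")
    return root


if __name__ == "__main__":
    result = sweep(build_sample_tree())
    print("encrypted files:", len(result["encrypted"]))
    print("by family:", dict(result["by_family"]))
    print("by original type:", dict(result["by_orig_ext"]))
    print("ransom notes:", result["notes"])
```

Matching a note by name alone is a coarse filter (a source tree will have its own README.txt), so in a real sweep pair it with a content check for the note's wording, and run the sweep read-only against a mounted image rather than on the live system.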

ZeroFont Technique – An easy way to bypass office 365

Phishing is getting harder as AI-powered phishing detection improves. E-mail services and web security scanners use these anti-phishing mechanisms to detect malicious e-mails. One such effort is Microsoft's Office 365 Advanced Threat Protection (ATP), a cloud-based e-mail filtering service that protects users and their organisations from malware and malicious links. Like Office 365, many e-mail and web security services rely on natural language processing to identify malicious or phishing e-mails faster. But cyber criminals do not sit still: recent reports show that e-mail scammers have come up with a new technique that lets their phishing e-mails bypass the protection Microsoft built into Office 365. The technique involves manipulating ...
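A natural-language filter only sees what it extracts from the message, so the evasion and its countermeasure both come down to how HTML is turned into text. The following is an added example, not from the original page or from Microsoft: a constructed phishing body in which zero-size spans splice harmless words into the markup, a text extractor that optionally drops text a mail client would not display, and a keyword scorer standing in for the NLP classifier. The normaliser also drops `display:none` text, which goes slightly beyond the zero-font trick named above.

```python
"""ZeroFont-style hidden text and a filter-side normalisation.

Added example; it is not from the original page or from Microsoft, and the
phishing body below is constructed. The keyword scorer stands in for the NLP
classifier the page refers to.
"""
import re
from html.parser import HTMLParser

# Constructed phishing body. The reader sees "Your Bank account has been
# suspended. Verify your password here." Zero-size spans splice harmless words
# into the raw text so a filter that reads the markup sees a different message.
SAMPLE_HTML = (
    '<p>Your <span style="font-size:0px">weekly</span> Bank '
    '<span style="font-size: 0">newsletter</span> account has been '
    '<span style="font-size:0;">prepared</span> suspended. '
    '<span style="font-size:0">No action required.</span> '
    'Verify your password <a href="http://login-example.test/verify">here</a>.</p>'
)

# Inline styles whose text a mail client will not show to the reader.
HIDDEN_STYLE = [
    re.compile(r"font-size\s*:\s*0(?:\.0+)?\s*(?:px|pt|em|rem|%)?\s*(?:;|$)", re.I),
    re.compile(r"display\s*:\s*none", re.I),
]
VOID_TAGS = {"br", "img", "hr", "input", "meta", "link"}


def _is_hidden(style: str) -> bool:
    return any(p.search(style) for p in HIDDEN_STYLE)


class TextExtractor(HTMLParser):
    """Collects text; with drop_hidden=True it skips text inside hidden elements."""

    def __init__(self, drop_hidden: bool):
        super().__init__()
        self.drop_hidden = drop_hidden
        self.open_hidden = []   # one bool per open element: hidden or not
        self.hidden_depth = 0   # > 0 while inside any hidden element
        self.parts = []

    def handle_starttag(self, tag, attrs):
        if tag in VOID_TAGS:
            return
        hidden = _is_hidden(dict(attrs).get("style") or "")
        self.open_hidden.append(hidden)
        if hidden:
            self.hidden_depth += 1

    def handle_startendtag(self, tag, attrs):
        pass  # self-closing elements carry no text

    def handle_endtag(self, tag):
        if tag in VOID_TAGS or not self.open_hidden:
            return
        if self.open_hidden.pop():
            self.hidden_depth -= 1

    def handle_data(self, data):
        if self.drop_hidden and self.hidden_depth > 0:
            return
        self.parts.append(data)

    def text(self) -> str:
        return re.sub(r"\s+", " ", "".join(self.parts)).strip()


def extract_text(html: str, drop_hidden: bool) -> str:
    parser = TextExtractor(drop_hidden)
    parser.feed(html)
    parser.close()
    return parser.text()


# Stand-in for the NLP classifier: count phrases typical of credential phishing.
PHISH_PHRASES = ("account has been suspended", "verify your password")


def phish_score(text: str) -> int:
    lowered = text.lower()
    return sum(1 for phrase in PHISH_PHRASES if phrase in lowered)


if __name__ == "__main__":
    raw = extract_text(SAMPLE_HTML, drop_hidden=False)
    shown = extract_text(SAMPLE_HTML, drop_hidden=True)
    print("filter sees:", raw, "| score", phish_score(raw))
    print("victim sees:", shown, "| score", phish_score(shown))
```

With hidden text kept, the scorer sees the broken-up sentence and finds only one phrase; once zero-size spans are dropped it sees what the victim sees and finds both. Inline styles are only one channel: a complete normaliser also has to resolve `<style>` blocks, CSS classes and colour-on-same-colour text, which is why rendering the message and classifying the rendered result is the more robust design.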

FakeSpy Android Information

What is FakeSpy? Disguised mobile apps are the most common trick cyber criminals use to dupe users. Such developers typically piggyback on popular apps to distribute their malicious ones, for instance by getting spoofed apps published on Google Play or the App Store for easy distribution. Whatever technique is used, the end goal is to steal user information and profit, either by selling the sensitive data to third parties or by extorting the victim. Recently it was discovered that malware developers have adopted a new tactic in which SMS is used to steal confidential information from users' phones. The malware used in this campaign is FakeSpy, currently known to target users in Japan and South Korea; everyone should stay cautious in case the infection spreads further. How does the FakeSpy Android malware work? The malware is delivered vi...

VPNFilter IoT Attack-A Router Infection

What is VPNFilter Malware? VPNFilter is a new multi-stage, modular malware that, unlike most other IoT (Internet of Things) threats, can maintain a persistent presence on an infected device even after a reboot. The malware can be used to collect victims' personal information, permanently destroy the device and launch attacks on other devices. Since at least 2016 this sophisticated malware has compromised half a million routers and network devices in around 54 countries. The infection includes a kill switch that can render the router unusable, and it is capable of stealing victims' logins and passwords. It can also monitor industrial control systems and cut every device behind the router off from the internet. Group behind this activity The malware is attributed to the Russian hacking group Sofacy, also known as APT28 or Fancy Bear. The group is believed to have targeted government, military and security org...