News

Egregor’s Rampage Continues

Since Egregor’s discovery in late September or early October of 2020, the ransomware has wreaked a bloody toll in the short time it has been actively claiming victims, the first few of which included Barnes and Noble, Crytek, and Ubisoft. Since the apparent retirement of the Maze ransomware gang, Egregor has been quick to capitalize on the gap left in the market by Maze’s departure. Not only has the group behind Egregor been quick to fill that gap, but it has also been quick to adopt the tactics that made Maze so successful. The first is the human-operated approach of targeting large organizations with complex networks, which increases the likelihood of demanding a bigger ransom once critical network assets are encrypted, resulting in increased downtime. Secondly, Egregor was quick to adopt the double-extortion tactic, which involves the stealing and subsequent releasing of sensitive data from vic...

GoDaddy Employees exploited in attacks targeting Cryptocurrency Services

Late last week KrebsOnSecurity reported that Go...

Mount Locker Ransomware Targets Tax Season

Those behind the Mount Locker ransomware are lo...

Malsmoke and ZLoader Targeting Adult Websites

Since the start of 2020 researchers have seen a...

Top Removal Guides

DPD Delivery Email Virus

"DPD Delivery Email Virus" is one of many spam email campaigns used to proliferate the DanaBot trojan. Users receive a fake notification regard...

Deceptive Calendar Events Virus (Mac)

There are numerous dubious websites that contain deceptive advertisements, demand permission to show notifications, ...

Support Forum

This forum was created to individually help our readers with spyware and virus removal. Feel free to post your questions and our staff will do their best to answer them and provide the latest relevant information.

New Removal Guides

RestorFile Ransomware

RestorFile is the name of a malicious program belonging to the Matrix ransomware family. Systems infected with this malware experience data encryption and receive ransom demands for the decryption. During the encryption process, affected files are renamed with a random character string and the ".[RestorFile@tutanota.com]" extension (which contains the cyber criminals' email address). For example, a file originally named "1.jpg" would appear as something similar to "Dm1VcZ9U-DOAwLcvy.[RestorFile@tutanota.com]" following encryption. Once this process is complete, ransom notes named "#Decrypt_Files_ReadMe#.rtf" are dropped into compromised folders. The ransom-demanding message in "#Decrypt_Files_ReadMe#.rtf" informs victims that their data has been encrypted using the RSA-2048 and AES-128 cryptographic algorithms. According to the note, the only way of restoring the files is by purchasing the decryption keys ...

Starmode.biz Ads

Quite often browsers open pages like starmo...

CoVideoSearch Browser Hijacker

CoVideoSearch promotes a fake search engine...

StreamSearchWizard Browser Hijacker

StreamSearchWizard is a browser hijacker. I...

Top Antispyware

SpyHunter 5

Overview: Simply put, a rootkit is a program or, more often, a collection of software tools that gives the hacker remote access to and control ov...

Malwarebytes 4.0

There are two versions of Malwarebytes 4.0 - Free and Premium. Although the Free version is capable of removing existing malware, the Premium del...

Top Antivirus

Combo Cleaner: Antivirus and System Optimizer (for Mac computers)

Appearance of Combo Cleaner: Antivirus and System Optimizer: Today, security researchers see a rise in adware targeted at Mac computers. While...

ESET NOD32 Antivirus 2020

Appearance of ESET NOD32 Antivirus 2020: Product Range: Like many of ESET’s competitors, the company offers numerous tiers within its product ...

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal
