Snatch Ransomware has a New Trick

New and novel ways to further a malware's main objectives do not appear too often. Hackers prefer to use tried and tested means to distribute and deploy malware. Even the development of new malware is generally done by veteran groups of hackers with a certain skillset. When a new trick is seen, interest is raised accordingly amongst researchers and journalists. The trick that has gotten all the attention lately was created by the malware authors behind the Snatch ransomware. The trick involves rebooting the infected machine into Safe Mode and then encrypting files. This is done in an attempt to avoid detection. In a recent report published by Sophos, researchers noted that the trick works because some antivirus packages do not start in Safe Mode, a mode used to recover from a corrupted operating system. This is likely the first time such a tactic has been seen in the wild. This is novel for a second reason as t...

Great Cannon Resurrected

After a two-year hiatus the botnet, named Great...

PyXie RAT Stealing Credentials and Passwords

Researchers have discovered a new remote access...

South Korean Cryptocurrency Exchange has $48.5 Million Stolen

Cryptocurrency exchanges have been a target for...

Top Removal Guides

Redirect is a legitimate Internet search engine. This site is developed by a legitimate company and is not related to any virus or malware. Be ...

Redirect is a popular website that can be used as the browser homepage or default Internet search engine. Recently, there is a rise in ...

Support Forum

This forum was created to individually help our readers with spyware and virus removal. Feel free to post your questions and our staff will do their best to answer them and provide the latest relevant information.

New Removal Guides

CryptBot Trojan

CryptBot is malicious software classified as a Trojan and designed to steal passwords. It infects systems through the installation setup of a fake VPN program, and it gets installed together with another trojan-type malware called Vidar. Both trojans are designed to steal saved browser credentials and other information. These malicious programs can cause quite serious problems. Therefore, they should be uninstalled as soon as possible. Once a fake VPN client called Inter VPN is downloaded, installed and executed, it infects a system with CryptBot and Vidar. It does so by using an AutoHotKey script which downloads executables of both CryptBot and Vidar from the bitbucket[.]org website (they could be downloaded from other sites as well). As we mentioned in the introduction, these malicious programs are designed to steal sensitive, confidential information. They can steal logins and passwords that are saved ...

DiskFixer Unwanted Application

DiskFixer is a piece of software, endorsed ... Ads

Rex-news1[.]club is an address of a shady w...

Top Antispyware

SpyHunter 5

Overview: Simply put, a rootkit is a program or, more often, a collection of software tools that gives the hacker remote access to and control ov...

Malwarebytes Anti-Malware

Malwarebytes Anti-malware Pro costs $24.95 for a lifetime license and includes additional features not available in the free version, such as rea...

Top Antivirus

Combo Cleaner: Antivirus and System Optimizer (for Mac computers)

Supported platforms: At time of testing, Combo Cleaner was only available for Mac computers running the Mac OSX 10.10 (Yosemite), Mac ...

Avast Internet Security

Cost: Many antivirus producers are wondering what it takes to make a successful paid-for suite. What needs to be included to justify the price ta...

Malware activity

Global virus and spyware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.
