Witchcraftcash.com Redirect

witchcraftcash.com is a deceptive website identical to super.awesomeforyou.club, ad.dumedia.ru, marketgid.com, and many other. Research revealed that witchcraftcash.com is designed to redirect users to a variety of suspicious websites. It is also worth mentioning that users visit witchcraftcash.com inadvertently - they are redirected by various potentially unwanted programs (PUPs) which stealthily infiltrate the system during the installation of other software ("bundling" method). Aside from causing redirects, PUPs deliver intrusive advertisements and continually record various information. Potentially unwanted programs deliver pop-up, banner, coupon, and other similar adverts. To achieve this, developers employ "virtual layer" - a tool that enables placement of third party graphical content. For this reason, displayed adverts often conceal the underlying content, what significa...

How to remove “Your device has been blocked” ransomware virus from Android tablet or phone?

Cyber criminals have been spreading ransomware viruses on Windows-based computers for some time. These types of infections became popular in mid-2006 and continue to infect personal computers and extort money from their victims. Recently, security research began showing a rise in Android-based mobile ransomware infections. Commonly, ransomware viruses exploit the names of authorities including the FBI, USA Cyber Crime Investigations, and The ICE Cyber Crime Center - making fake claims that users must pay an amount of money (for supposed law violations such as watching pornography, using copyrighted files, etc.) in order to unblock their devices. In most cases, cyber criminals employ the Green Dot MoneyPak, Ukash, or PaySafeCard pre-paid card services to collect fake fines from unsuspecting mobile device users. Tablet and mobile phone users should be aware that paying these fines as ordered by these messages ...

Fileless Ransomware Emerges

Researchers and analysts at Trend Labs have discovered a new fileless ransomware which they have termed Sorebrect. Although fileless ransomware is by no means new, this latest variant displays some cunning features intended for it to evade detection and frustrate forensic audits. The variant was first discovered infecting systems in Lebanon and Kuwait, however, it has recently been seen infecting systems as far afield as Canada, China, Croatia, Italy, Japan, Mexico, Russia, Taiwan, and the U.S. Sorebrect seems to be specifically targeting companies within the manufacturing, technology, and telecommunications industries. Experts further believe that this new variant will in all likelihood appear in more countries or even peddled as a Ransomware as a Service (RaaS) on the Dark Web to serve criminal organizations in extorting money from victims. Put simply Sorebrect utilizes code injection to inject malicious cod...