Ransomware with ridiculous names started appearing on the web

Ransomware viruses have been around for years, just recently, though, they came back to the web more malicious than ever before. These viruses take away your files, ask you to pay the ransom but will not necessarily return them even if you pay. There are hundreds of such programs, and they are all more or less destructive. Thus, the names picked out by their creators usually correspond to their malicious nature. The 2-spyware team has already discussed such frightening infections like the Apocalypse virus, Nuke ransomware or a cyber threat named after the famous horror movie character Jigsaw. Such titles were undoubtedly chosen to add seriousness and frighten the victims into paying up for their files.

For other malware creators, money may be just as important, but they seem to have decided: why not amuse themselves while making it? As a result, ransomware with funny and even ridiculous names started showing up and infecting computers. Donald Trump ransomware, Princess Locker virus are just a few of the most bizarre virus titles that our team has come across only in the past couple of weeks. Moreover, there are still samples of cyber infections that draw from the popular culture, like for instance, Harry Potter-themed Voldemort or Norse mythology-related ODIN ransomware. Completely random names like JokeFromMars are also not uncommon. Nonetheless, despite the fact that these titles have no negative connotations, such ransomware should not be taken any less seriously than their serious counterparts. In fact, there is a greater chance of unknowingly downloading malicious files which names do not raise any suspicion or even sound hilarious. File-stealing infections are not a joke and should be avoided at all costs. On 2-spyware.com we try to update and inform you on the latest ransomware releases, but there still might be viruses roaming the Internet not yet discovered by the virus experts. Thus, we urge everyone to take steps to protect computers from potential breaches and not allow malware creators to make fun out of you.

Warning from 2-spyware: do NOT visit Safe-web.tk

Several weeks ago, researchers from one of eSolutions projects, 2-spyware, received a question on Safe-web.tk. A person who was contacting them asked how could he remove this annoying virus. After starting their own research, experts discovered that Safe-web.tk is a browser hijacker that causes redirects to misleading websites. Be sure to stay away from it because you can be tricked into revealing your personal information to scammers Also, you can loose the money and run into other problems.

The first domain 2-spyware researchers were redirected to was a misleading site that promotes “roulette strategy”. It is a Lithuanian domain that is filled with misleading claims about an “amazing” possibility to earn the money by playing roulette online. We must warn you that such strategies do NOT work and that you won’t be able to take the money you transferred during registration. After testing Safe-web.tk virus for the second time, experts found themselves on a site that announces about a $3500 prize. It asks the victim to enter personal details so that he or she could claim the prize. Please, do NOT reveal your personal information to people that you don’t know and remove Safe-web.tk from your computer before it achieves what it was created for.

New scam alert: a fake BSOD error

People hate Blue Screen of Death (BSOD) error because it can force their computers to reboot at the most unexpected times. Sometimes you can fix this issue by using System Restore, rebooting your machine to Safe Mode or by installing updated drivers but, in most of the cases, you can get rid of BSOD only after you reinstall Windows. However, it seems that there is one more thing to check if BSODs have started interrupting you – you should also scan your computer with updated anti-spyware for malicious software.

According to the latest reports, hackers have started spreading programs that are capable of showing a fake BSOD. Once it infiltrates computer and affects web browser, it starts interrupting its victim with such alert message. By showing it, it seeks to mislead users into thinking that their computers are dealing with malware-related problems that can be solved only by reaching MICROSOFT CERTIFIED technicians. The fake BSOD error can also report about potential data loss and similar problems that can appear due to this invented problem. Please, do NOT contact any “experts of Microsoft” because they have nothing to do with this company. In reality, they are hiding under such name just for trying to make people dial a given number and earn the money from their fake service.  Fortunately, you can remove BSOD error virus with almost every reputable anti-spyware program.

Why is it dangerous to deal with Trotux?

Nowadays, Internet users are facing threats every minute they spend online. Some of them can be stopped by an antivirus software, others can be avoided due to a smart behavior online. Unfortunately, but some threats can still find a way to sneak into the computer unnoticed. One of them is Trotux virus that was discovered by its 2spyware security researchers several months ago. This program has mostly been called a “virus.” However, it is not an accurate definition because it is not malicious itself. Usually, people let it infiltrate their computers without even noticing this because it has been actively promoted with the help of bundling. Beware that Trotux can come to your system bundled with download managers, PDF creators and similar freeware. To prevent it, you must always select “Custom” or “Advanced” installation of free software. Then, make sure that you uncheck check marks telling you that you are not against changing your PC’s settings. Of course, you can also install this program yourself. Why? Probably, after being convinced that this search engine delivers “relevant and comprehensive results every time you search.” However, you should keep in mind that Trotux does not fit the image of reliable search engine and there are more than three things explaining why should you and other Internet users stay away from it.

  • Trotux.com hijacks web browser;
  • This browser hijacker delivers potentially harmful content;
  • It might collect personal information.

One of the best ways to keep your computer safe is to remove Trotux and similar PUPs from your computer. You should also check this post to know more about this suspicious search engine.

Facebook Suspension scam is still active and tries to trick companies

Facebook has the audience of more than 750 million users, so there is no surprise that thousands of companies have been actively using it for their marketing campaigns and public relations. Naturally, when you are active on this social network, you receive thousands of notifications to your email box. The scariest ones are Facebook’s warnings about your suspended page. However, if you have recently received this kind of notification, there is a huge possibility that it is a scam that has nothing in common with Mark Zuckerberg’s aim to close your company’s page. It might be that you are just dealing with Facebook Suspension virus which has recently renewed its activity.

In fact, this scam is not new – it has been spreading around for several years. It spreads with the help of misleading email messages that pretend to be from Facebook and claim that company’s Page might be suspended because of Facebook’s Terms of Services violation. The email provides a link for account verification and further review. According to specialists from 2-spyware, this link has been altered for several times and that there is a huge possibility that it might redirect users to infected domains. So, you should not open this link because visiting these websites might cause serious damage to computers.

If you received a similar email from Facebook that looks suspicious, read this post about Facebook virus attentively. To spot scams, you should look for grammar or typo mistakes that are usually the red flag that the email is fake. However, most importantly, you should check the email from the sender. If it was sent from Facebook Help Center, the real service of Facebook, you may be in trouble with your suspension. 



eSolutions announce a release of a brand new site

It hasn’t been a week since eSolutions team has announced the new addition to the 2-spyware project – viruss.lv. The release of the Latvian version of the popular infosec website has already received a lot of positive feedback. But we are not planning on stopping just there. We aim at introducing current cyber security issues to even more native language speakers, ensuring our project is accessible to people of all origins and nationalities.

Today, we would like to announce the release of viirused.ee, an Estonian site which is already 28th language eSolutions administers. Now, we can finally cover all three of the Baltic countries: Latvia, Lithuania, and Estonia. Just like the Latvian site which we announced a couple of days ago, viirused.ee is still in the process of growing and its team is working on catching up with the latest and the most important online security news. As the site progresses, the Viirused will keep you updated on the latest cyber threats, infosec news and will kindly assist you with malware removal. The Virus Activity plugin implemented on this site will also give you a concise overview of the current virus activity level, warning you about the most dangerous threats to look out for.

Do not hesitate, go and check our newly released sites while we proceed to provide you with the best service. If you can’t find a site in your native language just yet, do not worry – we are working on it, and you can expect new additions soon.


Good news for the Latvian 2-spyware readers!

As the extensive globalization continues to unify the world, most security blogs and infosec sites turn to the English content only. However, the attempts to please the English-speaking audience often turn against the speakers of other tongues, who prefer reading the content in their native language. Having this issue in mind, eSolutions team has taken another step towards making 2-spyware more user-friendly. We are proud to introduce Latvian site as the newest member of 2-spyware project family. Viruss.lv was released at the end of July and continues to grow rapidly. Though the site is still freshly baked, it already contains all the crucial information about the most vicious viruses known today. What is more, every virus description conveniently features removal recommendations and suggestions on how to avoid malware infections in the future.

We should point out that all the information provided on the Viruss.lv is approved by the professionals who seek to introduce the readers with the latest and most accurate cyber security news. The Viruss team of experts is always ready to answer general security related questions or give additional suggestions to help the users solve virus elimination problems.

We believe that addressing the audience in the language it understands best is the key to delivering the intended message comprehensively and helps to spread the cyber security awareness better.

eSolutions presents partnership with Plumbytes Anti-Malware

If you are looking for a reliable anti-spyware tool, it is a great time for you to try Plumbytes Anti-malware. After testing this program on our computers, we discovered that it’s light but powerful security software which uses a unique virus detection technology. You don’t need to spend long hours waiting for it to find malware on your computer because Plumbytes is based on a multi-threat algorithm. According to the developer Plumbytes Software LP, this algorithm lets you scan your system 5 times faster than when using other anti-spyware programs. We must admit that we haven’t noticed such difference when comparing Plumbytes scan speed with other anti-spyware programs’ speed. However, it is clear that the software is faster than its competitors.

A bonus that comes with Plumbytes is browser anti-hijack protection that provides full protection against browser hijackers. Having in mind that these potentially unwanted programs have become as aggressive as other viruses (ransomware-type threats, rogue anti-spyware and others), there is no doubt that this feature will be used by you almost each day. Of course, you can also reach its IT experts when you cannot remove a stubborn virus on your computer and connect to other great features explained in this Plumbytes review.



Windows 10 Anniversary Update: why is it worth upgrading your PC?

Microsoft has been continuously improving Windows ever since it was released, developing new versions of this OS every couple of years. Windows 7, Windows Vista, Windows XP and numerous other variants have finally built up to Windows 10 which is the most recent and probably the most groundbreaking version so far. But Microsoft developers did not stop just there and have just released a real game-changer – Windows 10 Anniversary Update.

Apart from the useful and fun features such as Windows Ink, allowing the users to make handwritten notes and pin them on the screen or the collaboration with Xbox, in this new update a lot of attention is given to the system security as well. For instance, Windows Information Protection feature is set to protect users against unauthorized access of the personal data which might be attempted by different applications. Improvements were made to the Windows Defender as well. This in-built protection shield can now be scheduled to run regular scans and provide in-depth analysis of the computer’s security parameters. Also, with this new version, you will now have the option of protecting your PC and even individual applications using facial or fingerprint recognition.

Needless to say, system updates are crucial for a smooth and stable system performance. By upgrading your operating system, you also ensure that your computer runs according to the newest security standards. So, in collaboration with reputable antivirus utilities, such as SpyHunter, system updates can significantly increase the malware defense as well. Though Windows 10 Anniversary Update is a major upgrade, new system updates are being released almost every day, thus cyber security experts encourage checking for them regularly to keep your system up-to-date.

eSolutions experts notice a revival of old ransomware viruses

Ransomware viruses are among the most prosperous cyber infections today. Even though these viruses been around for quite some time, the major upheaval in their development and distribution has been noticed only in the last couple of years. New versions of these malicious file-locking viruses are being released daily. Of course, most of them are terminated after the experts find ways to bypass their malicious codes. But some continue to live on.

Back in 2012, the Internet community was targeted by a virus called ACCDFISA. This infection has been infecting computers, locking them and displaying a threatening notification about the supposedly illegal activities carried out using the computer in question. The access to the system and the files on it were then blocked, and the victims had to pay a considerable amount of money to be able to use the computer normally again. Luckily, this infection was soon decontaminated when the experts managed to come up with an effective decryption solution. The virus distribution soon ceased and it seemed that the threat was defeated. For the surprise of the virus analysts and the whole cyber security community, ACCDFISA version 2.0 was spotted, continuing the dirty deeds of its predecessor. The four years of silence do not seem to have had any impact on its severity.
Occurrences like these only justify that the battle with cyber infections is unpredictable and never ending. Thus, constant analysis of these infections is necessary to help experts and regular users learn more about how they can avoid them. You can always find the latest infosec news on 2-spyware.com.

An illustration of the ransomware virus revival