After security concerns with official Pokemon Go version, Pokemon Go virus comes up

Firstly, we must clear things out – Pokemon Go is NOT a virus. It’s a newly-presented game that relies on augmented reality and uses your geolocation to let you capture Charizard, Venusaur, and other Pokemon all around you. It seems that privacy concerns noticed in the first versions of this game have already been eliminated with updates and the only tip we could give you before making yourself a member of Pokemon Go community is checking permissions of the app before installing it on your device.

However, there is another thing that you must know before installing Pokemon Go. According to the latest reports, scammers have already started launching fake versions of this app that are infected with malware. The latest warning about Pokemon Go virus comes from Russia – one of users, after being tricked into downloading a pronounced Pokemon Go version, discovered a Cerber virus on his device. The virus locked it down and informed its victim that he has to pay a ransom in exchange for its locked files. Besides, there have been noticed several similarly-themed apps on App Store and Google Play Store, such as “Install Pokemongo” and “Guide & Cheats for Pokemon Go”. While they have already been removed from the stores, there is no doubt that similar fakes are coming our way.

Pokemon-Go-virus

eSolutions warns about privacy issues found on Pokemon Go

It seems that the world has become crazy for Nintendo’s Pokemon Go game. Since its release day, it has already collected more than 7.5 million US downloads. No matter that it’s free, it has also been estimated that the game makes $1.6M in daily revenue in Apple Apple Store alone – people who want to catch more than one egg are offered “egg incubators” and those who can’t move around can buy “incense pots” and similar items.

However, no matter how attractive this game seems, you shouldn’t forget the security of your data. According to security experts from 2-spyware, Pokemon Go requires questionable permissions and people should be very careful when creating an account for this game with the help of Google account. If you are not careful enough, you can grant this app with a full access to your Google account. It means that Pokemon Go can get an ability to reach your Google Docs, Google Photos, Gmail and similar accounts, so there is lots of data that can be put at risk. No matter that the developer of Pokemon Go, Niantic, has already released an update which is supposed to fix this problem, gamers are highly recommended checking the privacy settings on the app and in their Google accounts. Make sure you don’t allow full access to your Google accounts.film The Circle 2017 trailer

pokemon-full-access

FBI warns organizations of a notorious SamSam ransomware

If FBI issues a warning about a specific virus, it means that it is rather a serious menace than a simple cyber threat. According to its latest report, schools, hospitals, and similar organizations should be especially careful with a data-encrypting virus called SamSam ransomware which has already attacked MedStar hospital in the US. In exchange for a decryption key, SamSam asked it to pay 45 Bitcoins or $18,500. Fortunately, MedStar has a backup, so its authorities didn’t have to pay a ransom, but this is not a typical scenario. Typically, victims either pay the money and wait for a decryption key (which sometimes fails to arrive!) or face the loss of their data.

It seems that SamSam ransomware doesn’t require users’ interaction when it tries to infiltrate the system. According to security experts, it targets servers thru JBoss vulnerability. For that, it uses a special tool called JexBoss, which is known as an open-source penetration testing tool. Unfortunately, but there is nothing much to do while trying to prevent SamSam. The most important thing to protect yourself is to backup your data.

This job isn't always easy

Cerber becomes another concern of eSolutions

Cerber virus showed up only several months ago. However, it appeared right after Locky ransomware, so it hasn’t received as much attention as we dedicated to the first threat. That’s a shame because it has turned out to be a serious threat to people’s files. According to the latest news, there is a multi-million spam campaign happening behind our back which is used to spread Cerber. Fortunately, these infected email messages are written in broken English, so you can spot them right after they show up in your inbox. Here is one of such messages that you should avoid:

Please find attached our invoice for services rendered and additional disbursements in the above-mentioned matter. Hoping the above to your satisfaction, we remain.

However, the example which is given below reveals that not each of spam messages is clearly fake. Please, be careful with spam.

cerber-spam-example

Hohosearch.com becomes another headache for PC users

Typically, viruses are active for several weeks. They are replaced by the new ones once their files are included to the data base of anti-spyware programs. However, it seems that Hohosearch.com is seeking to infect as much users as possible. After showing up several months ago, it can still hijack your system and make you use it instead of the default search engine or the start page. The first thing that we must note about hohosearch.com virus is that you can end up on infected website when using it. Technically, it is a browser hijacker that uses misleading strategy for promoting affiliate websites. Also, it can track you behind your back and cause other problems.

Surprisingly, one of our colleagues was also infected by this fake search engine several days ago. Hohosearch.com failed to leave the system until he ran a full system scan with SpyHunter. If you can also see a page displayed below on your web browser, you are hijacked. In this case, you need to follow hohosearch removal guide.

ScreenShot-of-hohosearch-virus

Security researchers make the developers of TeslaCrypt stop. Master decryption key is revealed

Let us announce you about the latest achievement of cyber security community. Thanks to its constant fight against the developers of TeslaCrypt, the gang working behind this virus decided to stop its distribution. What can you do if you are affected? If you are infected with ccc virus or Teslacrypt, you need to remove malicious files from the system first. To unlock your data, you should enter this Master Decryption key: 440A241DD80FCC5664E861989DB716E08CE627D8D40C7EA360AE855C727A49EE.

 teslacrypt-closed

Reimage fixes its bad reputation

Great news! There is another computer security program that managed to fix its reputation. It’s called Reimage. We believe that you have seen hundreds of different comments and reviews calling it “virus.” Nevertheless, we checked it in our office several weeks ago, and all what we can say is “great.” Its exceptional Windows Repair technology fixes system without a need to reboot it. Also, it has Avira AntiVir virus search tool, so it detects even the smallest viruses.

Sounds familiar? Yes, the same story can be told about SpyHunter, which was relying on a bad path about a decade ago. Nevertheless, now it’s a widely approved virus removal tool, which is used by companies and home users.

reimage box

New projects were added to eSolutions family!

You might have already got acquainted with the main project of eSolutions called 2spyware. However, this is not the only page that we have in our family. Next to 2 spyware, which is dedicated to viruses, we also manage dieviren.de, lovirus.es and 24 other sites that warn users in different countries about emerging malware each day. However, two websites were added to our clan just several weeks ago. The first of them is called novirus.uk. If you live in the UK, it should become your next best friend. The second one, virusi.bg, is dedicated to Bulgarian PC users and their problems. However, don’t even think that this is the end! We won’t calm down until each of countries has its own virus removal site!

tw-sites-of-esolutions

Working, working, working

When Locky virus keeps updating itself, you can’t stop working and have your lunch all at once. Someone needs to watch over the situation and help people fight against it. It seems that Germany and Japan are the most affected countries right know but it’s obvious that this virus can affect almost every country in the world. Stay tuned.

office-work