FBI warns organizations of a notorious SamSam ransomware

If FBI issues a warning about a specific virus, it means that it is rather a serious menace than a simple cyber threat. According to its latest report, schools, hospitals, and similar organizations should be especially careful with a data-encrypting virus called SamSam ransomware which has already attacked MedStar hospital in the US. In exchange for a decryption key, SamSam asked it to pay 45 Bitcoins or $18,500. Fortunately, MedStar has a backup, so its authorities didn’t have to pay a ransom, but this is not a typical scenario. Typically, victims either pay the money and wait for a decryption key (which sometimes fails to arrive!) or face the loss of their data.

It seems that SamSam ransomware doesn’t require users’ interaction when it tries to infiltrate the system. According to security experts, it targets servers thru JBoss vulnerability. For that, it uses a special tool called JexBoss, which is known as an open-source penetration testing tool. Unfortunately, but there is nothing much to do while trying to prevent SamSam. The most important thing to protect yourself is to backup your data.

This job isn't always easy

Cerber becomes another concern of eSolutions

Cerber virus showed up only several months ago. However, it appeared right after Locky ransomware, so it hasn’t received as much attention as we dedicated to the first threat. That’s a shame because it has turned out to be a serious threat to people’s files. According to the latest news, there is a multi-million spam campaign happening behind our back which is used to spread Cerber. Fortunately, these infected email messages are written in broken English, so you can spot them right after they show up in your inbox. Here is one of such messages that you should avoid:

Please find attached our invoice for services rendered and additional disbursements in the above-mentioned matter. Hoping the above to your satisfaction, we remain.

However, the example which is given below reveals that not each of spam messages is clearly fake. Please, be careful with spam.

cerber-spam-example

eSolutions presents Virus Activity Plugin for WordPress

If you run a tech-related WordPress website, you should know about Virus Activity Plugin, which was presented by eSolutions last week. It can increase the trustworthiness of your website as it lets your visitors know about a global virus activity level and the latest viruses that can pose a danger to their systems. Information is collected from such tech giants as Microsoft, Kaspersky, Norton, and Avira, so there is no doubt that it can increase the number of your visitors as well. 

If you still believe that viruses are invented by antivirus companies just for scaring people and making the money, you should be informed that virus activity level has never been as important as it is now. The most dangerous and, unfortunately, the most active malware is considered ransomware. It infiltrates computer as a useful email attachment and encrypts your files. Also, it starts showing a ransom note asking you to pay a special amount of money in exchange for its decrypter. After getting infected with one of such threats, you can loose from $300 to $10000. Would you like to lose each of your files or such amount of money? Beware that the latest ransomware, called WannaCry, infected more than 200.000 computers in 150 countries.

To increase users’ awareness and add more value to your website, you just need to go to your WP admin -> Plugins, click “Add New” and search for “Virus activity”. You can also click Virusactivity.com or WordPress.org. Plugins. Virus activity to download this plugin. Once you finish the installation, go to Widgets and move “Virus Activity” widget to a sidebar. To get more information about the latest viruses, check Virus Activity News. Experts who are working behind this page are ready to share with you the most relevant information.

Hohosearch.com becomes another headache for PC users

Typically, viruses are active for several weeks. They are replaced by the new ones once their files are included to the data base of anti-spyware programs. However, it seems that Hohosearch.com is seeking to infect as much users as possible. After showing up several months ago, it can still hijack your system and make you use it instead of the default search engine or the start page. The first thing that we must note about hohosearch.com virus is that you can end up on infected website when using it. Technically, it is a browser hijacker that uses misleading strategy for promoting affiliate websites. Also, it can track you behind your back and cause other problems.

Surprisingly, one of our colleagues was also infected by this fake search engine several days ago. Hohosearch.com failed to leave the system until he ran a full system scan with SpyHunter. If you can also see a page displayed below on your web browser, you are hijacked. In this case, you need to follow hohosearch removal guide.

ScreenShot-of-hohosearch-virus

Security researchers make the developers of TeslaCrypt stop. Master decryption key is revealed

Let us announce you about the latest achievement of cyber security community. Thanks to its constant fight against the developers of TeslaCrypt, the gang working behind this virus decided to stop its distribution. What can you do if you are affected? If you are infected with ccc virus or Teslacrypt, you need to remove malicious files from the system first. To unlock your data, you should enter this Master Decryption key: 440A241DD80FCC5664E861989DB716E08CE627D8D40C7EA360AE855C727A49EE.

 teslacrypt-closed

Tired of computer errors? Visit UGetfix

ugetfix-comEveryone knows how hard is to keep your computer fast and stable. You have to keep your software up-to-date, always uninstall useless applications, remove malware, etc. All in all, it seems that you have to be a computer technician to keep your computer safe and clean.

Having this in mind, nearly one year ago eSolutions presented an exceptional project, which is dedicated to helping people fix their computers for free. It’s called UGetFix.com. The site is composed of several categories: News, Fix, Uninstall, Recover, and Optimize. It is full of helpful information, which is oriented to both, Windows OS and Mac OS X. We are working very hard on this project and hope that it soon will appear in your Bookmarks!

Reimage fixes its bad reputation

Great news! There is another computer security program that managed to fix its reputation. It’s called Reimage. We believe that you have seen hundreds of different comments and reviews calling it “virus.” Nevertheless, we checked it in our office several weeks ago, and all what we can say is “great.” Its exceptional Windows Repair technology fixes system without a need to reboot it. Also, it has Avira AntiVir virus search tool, so it detects even the smallest viruses.

Sounds familiar? Yes, the same story can be told about SpyHunter, which was relying on a bad path about a decade ago. Nevertheless, now it’s a widely approved virus removal tool, which is used by companies and home users.

reimage box

New projects were added to eSolutions family!

You might have already got acquainted with the main project of eSolutions called 2spyware. However, this is not the only page that we have in our family. Next to 2 spyware, which is dedicated to viruses, we also manage dieviren.de, lovirus.es and 24 other sites that warn users in different countries about emerging malware each day. However, two websites were added to our clan just several weeks ago. The first of them is called novirus.uk. If you live in the UK, it should become your next best friend. The second one, virusi.bg, is dedicated to Bulgarian PC users and their problems. However, don’t even think that this is the end! We won’t calm down until each of countries has its own virus removal site!

tw-sites-of-esolutions

Working, working, working

When Locky virus keeps updating itself, you can’t stop working and have your lunch all at once. Someone needs to watch over the situation and help people fight against it. It seems that Germany and Japan are the most affected countries right know but it’s obvious that this virus can affect almost every country in the world. Stay tuned.

office-work