“Pornographics Security Warning” is a fake security alert that promotes a tech-support scam. Supposedly, your Windows computer has been blocked because you were browsing questionable websites. In reality, you were simply redirected to a fake Microsoft website that displays a fake alert. The whole point of this tech-support scam is to trick users into calling fake tech-support numbers. Scammers on…
Yqal ransomware is file-encrypting malware from the Djvu/STOP ransomware family. It’s a pretty generic ransomware infection, practically identical to the other versions released by the cybercrime group operating Djvu. You can differentiate which version you are dealing with by the extension added to encrypted files. This particular version adds .yqal, hence why it’s known as Yqal ransomware. Unfortunately, you will not…
Wnlu ransomware is a generic ransomware infection that encrypts files. It comes from the notorious Djvu/STOP ransomware family, which is responsible for ransomware like Moia, Rigj, Robm, and Iisa. You will not be able to open any of the encrypted files unless you first run the files through a special decryptor. Unfortunately, the only people with a decryptor are the…
UK’s consumer protection organization Which? has warned of an ongoing Omicron variant-themed phishing campaign. These phishing emails claim that to avoid restrictions, people need to order a free PCR test. They can do that by clicking on the link in the email. Clicking on the link would lead to a fake NHS website. The site asks users to put in…
Catedlittlem.xyz is a highly questionable website that pushes a social-engineering scam to trick users into allowing advertisements on the desktop. It misuses a legitimate browser feature that allows sites to ask for permission to display notifications. This is why you will see a browser notification saying “Catedlittlem.xyz wants to show notifications” as soon as you enter the website. But instead…
In November’s edition of cybersecurity news headlines, we talk about three stories. International law enforcement operation GoldDust led to 7 arrests in relation to the REvil/GandCrab cybercrime gangs. NordPass released a list of the year’s most popular passwords, with disappointing but not surprising results. And the US is now offering a $10 million reward for information about REvil and DarkSide…
If your files have the .moia file extension, your computer is infected with the Moia ransomware. Because the ransomware encrypts files, you will not be able to open any of the files that have that extension. Moia ransomware comes from a known family of ransomware called Djvu/STOP and is one of the hundreds of versions currently out there. Because you cannot easily decrypt…
Izationser.xyz is a generic website that tries to deceive you into allowing its advertisements to appear on your desktop. Deceptive websites like this one misuse a legitimate browser feature that allows sites to show users notifications on the desktop. Thus, when you get redirected to the site, you will see a browser alert saying “Izationser.xyz wants to show notifications”. While…