One large group will slowly conquer another large group, reduce its numbers, and thus lessen its chance of further variation and improvement. <…> Small and broken groups and sub-groups will finally tend to disappear. Charles Darwin. ‘On the Origin of Species’ The golden age of Trojans and viruses has long gone. Malicious programs

At Malwarebytes Labs, we’re never short of PUPs to analyse and explore. As per our telemetry to date, SweetIM is one of the top PUPs Malwarebytes Anti-Malware (MBAM) detects and removes from our clients systems. In order to get to know what SweetIM software does on a user’s system, we have selected Bubble Hit by GamePacks (MD5: 0326564318717b9826c4b81eb5d342

In the beginning of the year, we asked our readers for their input about our PUP Friday initiative. For those of you that took the time to fill out the survey or post their comments, thank you for your feedback and continuous support! The numbers We had hundreds of readers that filled out our survey. Which is pretty great. Thanks for that. Over 95% of them a

Author’s Note: We at Malwarebytes continue to do our part in educating our product users and constant blog readers about day-to-day online threats and how they can avoid falling prey to them. “PUP Friday”, our latest attempt at getting users acquainted with files they may need to watch out for in the Wild Web, offers an in-depth look at some interesting and

While looking into an infection associated with a “system optimizer”—Didn’t we say they’re digital snake oil?—we identified a multi-functional installer called FAsetup1.exe (md5 902e30fa3dc4bf543b523b4a41eb8acd) as the source. This file offers a variety of different bundlers and scams that are usually different every time you run the

Vonteera is an adware family that has been around for years. They stand out from the rest because of their very intrusive changes to the affected systems, which is why you will see them classified as Trojan by some anti-malware solutions. Recently, they added a new trick to their arsenal: using system certificates to disable anti-malware and anti-virus softw

On several sites, we have seen reports of popups that look very similar to the one Java used to notify users when the content of a site requires the Java plugin to show the full content. But if we follow this particular prompt we get something completely different called “Media Downloader”. The downloaded file is called setup.exe and is recognized by a few

Author’s Note: We at Malwarebytes continue to do our part in educating our product users and constant blog readers about day-to-day online threats and how they can avoid falling prey to them. “PUP Friday”, our latest attempt at getting users acquainted with files they may need to watch out for in the Wild Web, offers an in-depth look at some interesting and

Today we’re going to look at another site which wants you to fire up Whatsapp and spam messages to friends [1], [2] in order to claim a prize. In this case, the route to victory involves their so-called Lucky Wheel. The Bit.ly URL bit(dot)ly/globalwheel has been doing a roaring trade in clicks since the 7th of July, with a total of 432,205 clicks so fa

  A word on registry cleaners. One of the most common complaints we see on our forums, and from our users, concerns a particular category of program called “Registry Optimizers” or “Registry Cleaners” or “Registry Defragmenters”. For this post, we will just refer to them as registry cleaners.   Who makes this software? There

Here at Malwarebytes, we take a pretty strong stance against Adware in general, and Potentially Unwanted Programs (PUPs) in particular. We believe the majority of people do not want their computers to get slowed down, their browsing experience disturbed by annoying ads or their search results to return irrelevant answers. Sadly, devious software makers are u

Leapfrogging from one version of Windows to another is a big deal these days, especially with Windows 7 exiting mainstream support and elsewhere in Windows land the case for abandoning XP is made once more. You’ve probably seen Windows 10 in action by this point – the question here is whether you’ll run that Windows 10 Activator you saw on

What does LSP stand for? LSP is short for Layered Service Provider. A Layered Service Provider is a file (.dll) using the Winsock API to insert itself into the TCP/IP stack. There, all the traffic between the internet and a computers applications can be intercepted, filtered and even modified. That sounds dangerous! Well, it can be. For example, it is being

Exactly a week ago, Raphael Joseph De Mesa Eigenmann, a Filipino actor famously known as Mark Gil, died of cancer, and Facebook scammers have used a so-called video of his last words to perpetuate unwanted applications. If you see the below post appear on your Facebook feed, whether it came from an acquaintance, a close friend, or a relative, we urge you to

ITsecurity Daily News: 09/02/2014 The ITsecurity daily security briefing: Tuesday, September 2, 2014.If you find this security briefing useful, please spread the word via social media. If you have any comments or recommendations, please email kevtownsend at gmail dot com.NewsPapers/Rep