HackDig : Dig high-quality web security articles for hackers

SearchDimension search hijackers: An overview of developments

Background information on SearchDimension: SearchDimension is the name of a family of browser hijackers that makes money from ad clicks and search engine revenues. The family was named after the domain searchdimension.com that popped up in 2017, and they still sometimes use the letter combo SD in the names of their browser extensions. Recent development
Publish At:2020-12-29 12:42 | Read:289 | Comments:0 | Tags:Adware PUPs adware default browser extension managed notific

Apple security hampers detection of unwanted programs

Anyone who uses Malwarebytes software is probably familiar with the fact that, in addition to things like malware and adware, Malwarebytes detects potentially unwanted programs (PUPs). These are programs that exhibit a variety of unsavory behaviors, but that, for legal reasons, cannot be called malware. PUP (n): a program that may include advertising, to
Publish At:2020-11-24 14:12 | Read:275 | Comments:0 | Tags:Mac Apple macOS PUPs security

WebNavigator Chromium browser published by search hijackers

A mystery Chromium browser recently made a sudden appearance, and is certainly proving popular. But what is it, and where did it come from? Malwarebytes detects the browser as PUP.Optional.WebNavigator, and we found several clues that this browser was brought to you by a notorious family of search hijackers. That family isn’t new to us—we report
Publish At:2020-11-17 14:30 | Read:315 | Comments:0 | Tags:Adware PUPs browser chromium Malwarebytes Privacy search hij

Mac adware is more sophisticated and dangerous than traditional Mac malware

As the data revealed in our State of Malware report showed, Mac threats are on the rise, but they are not the same type of threats experienced by Windows users. Most notably, more traditional forms of malware, such as ransomware, spyware, and backdoors account for over 27 percent of all Windows threats. That figure is less than 1 percent for Macs. Furthe
Publish At:2020-02-27 15:59 | Read:1035 | Comments:0 | Tags:Mac adware bundlore crossrider mac Mac adware mac threats ma

Billion-dollar search engine industry attracts vultures, shady advertisers, and cybercriminals

Search engines make money by showing users sponsored advertisements—a lot of money. This attracts attention, competition, and plenty who want a piece of the action without doing the actual work or considering the impact to those on the other end of the search bar. Because in the search business, even the crumbs are interesting. In this post, we look at th
Publish At:2020-01-06 21:50 | Read:1487 | Comments:0 | Tags:PUPs adfraud advertisements adware extensions hijackers pote

Mac threat detections on the rise in 2019

Conventional wisdom has been that, although not invulnerable to cyberthreats (as some old Apple ads would have you believe), Macs are afflicted with considerably fewer infections than Windows PCs. However, when reviewing our 2019 Mac detection telemetry, we noticed a startling upward trend. Indeed, the times, they are a-changin’. To get a sense of h
Publish At:2019-12-16 16:50 | Read:1439 | Comments:0 | Tags:Mac browser extensions Mac adware mac malware mac telemetry

The Magala Trojan Clicker: A Hidden Advertising Threat

One large group will slowly conquer another large group, reduce its numbers, and thus lessen its chance of further variation and improvement. <…> Small and broken groups and sub-groups will finally tend to disappear. Charles Darwin. ‘On the Origin of Species’ The golden age of Trojans and viruses has long gone. Malicious programs
Publish At:2017-07-12 10:00 | Read:4428 | Comments:0 | Tags:Research Adware PUPs Trojan

PUP Friday: Bubbling Over

At Malwarebytes Labs, we’re never short of PUPs to analyse and explore. As per our telemetry to date, SweetIM is one of the top PUPs Malwarebytes Anti-Malware (MBAM) detects and removes from our clients’ systems. In order to get to know what SweetIM software does on a user’s system, we have selected Bubble Hit by GamePacks (MD5: 0326564318717b9826c4b81eb5d342
Publish At:2016-05-21 10:20 | Read:5473 | Comments:0 | Tags:PUPs Threat analysis bubble hit gamepackers PUP Friday sweet

PUP Friday survey results and feedback

In the beginning of the year, we asked our readers for their input about our PUP Friday initiative. For those of you that took the time to fill out the survey or post their comments, thank you for your feedback and continuous support! The numbers: We had hundreds of readers that filled out our survey. Which is pretty great. Thanks for that. Over 95% of them a
Publish At:2016-04-16 10:50 | Read:4478 | Comments:0 | Tags:PUPs Threat analysis feedback PUP Friday results survey

SafeSoft Protector Abuses Privoxy

Author’s Note: We at Malwarebytes continue to do our part in educating our product users and constant blog readers about day-to-day online threats and how they can avoid falling prey to them. “PUP Friday”, our latest attempt at getting users acquainted with files they may need to watch out for in the Wild Web, offers an in-depth look at some interesting and
Publish At:2016-04-09 22:35 | Read:3746 | Comments:0 | Tags:PUPs Threat analysis PUP PUP Friday safesoft protect techsna

AdLoad: an advertisement bombarder

While looking into an infection associated with a “system optimizer”—Didn’t we say they’re digital snake oil?—we identified a multi-functional installer called FAsetup1.exe (md5 902e30fa3dc4bf543b523b4a41eb8acd) as the source. This file offers a variety of different bundlers and scams that are usually different every time you run the
Publish At:2016-04-06 21:35 | Read:5494 | Comments:0 | Tags:PUPs Threat analysis adload advertisement fake alert Malware

Vonteera Adware Uses Certificates to Disable Anti-Malware

Vonteera is an adware family that has been around for years. They stand out from the rest because of their very intrusive changes to the affected systems, which is why you will see them classified as Trojan by some anti-malware solutions. Recently, they added a new trick to their arsenal: using system certificates to disable anti-malware and anti-virus softw
Publish At:2015-11-20 21:25 | Read:4748 | Comments:0 | Tags:Security Threat Anti-Malware antivirus certificates malware

This isn’t the Java I ordered!

On several sites, we have seen reports of popups that look very similar to the one Java used to notify users when the content of a site requires the Java plugin to show the full content. But if we follow this particular prompt we get something completely different called “Media Downloader”. The downloaded file is called setup.exe and is recognized by a few
Publish At:2015-10-22 14:50 | Read:5103 | Comments:0 | Tags:Online Security fake java Pieter Arntz popups PUPs

eFast browser hijacks file associations

Author’s Note: We at Malwarebytes continue to do our part in educating our product users and constant blog readers about day-to-day online threats and how they can avoid falling prey to them. “PUP Friday”, our latest attempt at getting users acquainted with files they may need to watch out for in the Wild Web, offers an in-depth look at some interesting and
Publish At:2015-10-17 08:50 | Read:4359 | Comments:0 | Tags:Online Security Pieter Arntz PUP Friday PUPs

Don’t take this Lucky Wheel for a Spin…

Today we’re going to look at another site which wants you to fire up Whatsapp and spam messages to friends [1], [2] in order to claim a prize. In this case, the route to victory involves their so-called Lucky Wheel. The Bit.ly URL bit(dot)ly/globalwheel has been doing a roaring trade in clicks since the 7th of July, with a total of 432,205 clicks so fa
Publish At:2015-07-16 10:30 | Read:10724 | Comments:1 | Tags:Online Security lucky wheel Mobile PUPs spam whatsapp

