Thursday, January 10, 2019

Opera Blacklisted the Tampermonkey Chrome extension

Opera has recently blacklisted the Tampermonkey 4.7.54 extension offered on the Chrome Web Store, claiming it to be malicious. Let us read more about this popular user script manager & the reasons Opera blocked it. For the last few years, the Chrome Web Store has been fighting an uphill battle against hosting malevolent add-ons that claim to enhance your web browser's capabilities.


Tampermonkey, the widely used free browser extension known for managing user scripts & offering valuable features to improve the user's browsing experience, has been declared malicious by the infamous Opera web browser. So if you have installed the Tampermonkey 4.7.54 extension from the Chrome Web Store in the Opera browser & are using it, you will be alerted by the warning.
The popular user script manager extension, Tampermonkey, has over 10 million users & is available for all the popular browsers including Chrome, Safari, Opera, Firefox & Microsoft Edge. The distinctive attributes offered by the extension include:
  • Clear overview of the running scripts
  • ZIP-based import & export
  • A built-in editor
  • Automatic update checks
  • Browser & cloud storage based synchronization


 
Opera revealed that it discovered malware installing the version of Tampermonkey found on the Chrome Web Store, with extension ID dhdgffkkebhmkfjojejmpbldmpobfkfo. The malware was spread using an alternative distribution option, indicating that the extension was being installed manually via the JSON or registry. If you visit Opera's extension manager to learn the reason for Tampermonkey's removal, it reveals that the extension has been blocked by Opera because it is malicious and tells the user to either leave or remove it. By contrast, if you downloaded the extension from the Opera Store you will have no problem, because it hosts the older version of the extension, i.e. 4.2.5291.
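An audit for the "installed via JSON" route described above, as an added example that is not code from Opera or Tampermonkey. It assumes the per-extension preference file format Chrome documents for alternative installation (a file named `<extension-id>.json` holding `external_update_url` or `external_crx`); the directory to scan is an assumption the caller supplies, since the page does not give Opera's location, and the sample files are constructed.

```python
import json
import re
import tempfile
from pathlib import Path

# Extension ID quoted in the article.
WATCHED_IDS = {"dhdgffkkebhmkfjojejmpbldmpobfkfo"}
ID_RE = re.compile(r"[a-p]{32}")  # Chromium extension IDs: 32 letters a-p

def audit_external_extensions(directory, watched=WATCHED_IDS):
    """Report every <extension-id>.json external-install file in `directory`."""
    findings = []
    for path in sorted(Path(directory).glob("*.json")):
        ext_id = path.stem
        if not ID_RE.fullmatch(ext_id):
            continue  # file name is not an extension ID
        try:
            prefs = json.loads(path.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            prefs = None
        if not isinstance(prefs, dict):
            source = "unparseable"
        elif "external_update_url" in prefs:
            source = "update_url"   # fetched from an update server
        elif "external_crx" in prefs:
            source = "local_crx"    # installed from a .crx file on disk
        else:
            source = "unknown"
        findings.append({"id": ext_id, "source": source,
                         "watched": ext_id in watched})
    return findings

def build_sample(directory):
    """Write constructed sample files (not taken from a real infection)."""
    d = Path(directory)
    (d / "dhdgffkkebhmkfjojejmpbldmpobfkfo.json").write_text(
        json.dumps({"external_update_url":
                    "https://clients2.google.com/service/update2/crx"}))
    (d / ("a" * 32 + ".json")).write_text(
        json.dumps({"external_crx": "/tmp/example.crx",
                    "external_version": "1.0"}))
    (d / "notes.json").write_text("{}")  # skipped: not an extension ID

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        return audit_external_extensions(tmp)

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

Any entry in the output that the user or administrator did not deliberately deploy is worth investigating, whether or not its ID is on the watch list.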



Wednesday, January 9, 2019

How to remove Idle Buddy Virus?

Idle Buddy Virus is malware that is categorized as a Trojan. It is a cryptocurrency miner that uses the system's resources to mine for digital currency without the user's approval. The resulting lack of system resources hampers the functioning of the remaining software, which results in frequent system crashes.


What is Idle Buddy Virus malware?

Idle Buddy Virus is malware that is categorized as a Trojan. It is dangerous to leave this Trojan unattended. Idle Buddy virus is a cryptocurrency miner that uses the system's resources to mine for cryptocurrency without the user's approval. It slows down the system, as other programs don't get the system resources they need to perform their tasks.
Idle Buddy virus is distributed using software bundlers. It gets installed on the PC when the user installs third-party software or freeware without checking the installation steps for additional software.


Threat Behavior

Idle Buddy Virus is a threat to the system. It is malware that is categorized as a Trojan. Idle Buddy virus uses the system resources to mine for cryptocurrencies like Bitcoin, Monero, Litecoin etc. It uses more than 90% of system resources and diverts the RAM and graphics card resources to mine for cryptocurrency.
The Idle Buddy virus creates malicious files, namely ibservice.exe, xmrig.exe and code86.exe, in the desktop, temporary files and download directories.
The computer's processing speed slows down and programs take longer to load. As a result, these programs freeze and lag, as they do not get the processing power they need to work smoothly.
Idle Buddy virus gets installed on the system via software bundlers. It is advised to use the custom setting when installing third-party software. Some programs contain additional software that gets installed on the system if the user is not careful during the installation steps. Always make sure to uncheck the option to install this software so that your PC does not get infected.
Idle Buddy virus not only affects the software, it can also damage the hardware. Since it uses the system resources at full power for long durations, it can cause the CPU temperature to soar and remain high for a very long time. This will, in turn, damage the vital and sensitive components of the CPU.


Monday, January 7, 2019

Apple Pulled out iPhones from Germany

The tech giant Apple was ordered to remove new iPhones from German stores by a Munich court. This injunction followed after the renowned chipmaker Qualcomm filed a patent lawsuit against Apple for infringing its power saving technology in two of Apple's models, the iPhone 7 & iPhone 8. Soon after the injunction, Apple pulled these models from German stores.



The tech giant Apple did not have a good start to the year 2019, as two of the company's models, the iPhone 7 and iPhone 8, have been banned from sale in its German retail stores. Apple removed the two models after an injunction was issued by a Munich court in relation to a patent lawsuit brought by California-based chipmaker Qualcomm. This patent conflict involves smartphone power management technology that extends battery life.




Insight into the Patent Infringement Case


The renowned chipmaker posted around $1.5 billion in a security obligation to effectuate a German court decision from 20th December that levied precursory injunctions on the iPhone 7 and iPhone 8. According to a report by MacRumors, Qualcomm posted security bonds to cover probable damages that Apple might experience while appealing the iPhone ban in Germany. The Munich court sided with Qualcomm on 20th December 2018 after finding that Apple had infringed Qualcomm's smartphone power saving technology in two of its models, the iPhone 7 and iPhone 8. The court granted a permanent injunction against Apple & asked it to cease the sale & importation of the infringing iPhones in Germany.



Sunday, January 6, 2019

How to Get Rid of Criakl Ransomware?

A new variant of the Trojan Cryakl hit PCs across the globe on 24th December 2018 and has been named Criakl Ransomware. It invades the PC via malicious e-mail attachments. Once installed, it encrypts most of the files and alters the desktop wallpaper to show a ransom note & an image of Fantomas, a villain from a 1964 French movie. It demands that users contact the malware author within 48 hours & transfer a certain amount to retrieve the encrypted files.


Guide to Remove Criakl Ransomware

A new ransomware began to spread on 24th December 2018 as a nice Christmas present to people across the globe. It has been identified as Criakl Ransomware & is claimed to be a newer version of the Trojan ransomware Cryakl. Researchers first encountered Cryakl in the spring of 2014 & since then it has continued to appear sporadically.
However, it has not been an intensely active or widely distributed ransomware, particularly in the UK. Initially, it was distributed through archives attached to e-mails; however, the e-mails diversified later & appeared to be messages from certain organizations. Following the encryption of the files on the victim's computer, the ransomware creates a long key & sends it to the C&C server. Recovering the compromised files without this key is impossible.


What is Criakl Ransomware?

Ransom:Win32/Criakl.C is a ransomware that disguises itself as a legitimate application; however, upon installation it encrypts a number of files on the infected system & demands a ransom for their decryption. Security researchers revealed that Criakl Ransomware uses a file named winrar.exe, which tricks innocent users into thinking that they are dealing with a legitimate app.

Following this accidental installation by innocent users, the ransomware takes over the PC and encrypts all the files, & a ransom note appears in every folder & on the desktop as well. The ransomware then changes the desktop wallpaper of the infected system to a picture of Fantomas, the villain from the 1964 French movie, & demands a ransom for decrypting the files.




Friday, January 4, 2019

Android Nemesis MobSTSPY Spreads worldwide Via Google Play

An Android spyware masquerading as legitimate applications has struck more than 100,000 victims in 196 countries. Detected as ANDROIDOS_MOBSTSPY & dubbed MobSTSPY, the malware is widespread & has also managed to infiltrate Google Play with at least six different apps. Let us read more about MobSTSPY's threat behavior and the precautions to take to avoid its invasion.




An Android spyware disguised as games & utilities struck more than 100,000 victims in 196 countries before being taken out of Google Play. Detected as ANDROIDOS_MOBSTSPY & dubbed MobSTSPY, the malware initially grabbed attention when it masqueraded as a game called Flappy Birr Dog. While it is common to find malicious apps in third-party app stores, MobSTSPY managed to infiltrate the authentic & reliable app store, i.e. Google Play, with at least six different apps in 2018. These apps include:
  • FlashLight
  • HZPermis Pro Arabe
  • Win7imulator
  • Win7Launcher
  • Flappy Bird
  • Flappy Birr Dog
 
These apps pose as legitimate & claim to be torches, games & productivity tools. Some of these have seen 10,000 downloads from users around the world. Though malware invasion of devices is common, what makes this case more interesting is the widespread distribution of its applications. The countries where the malware has spread include Poland, Mozambique, Thailand, Iran, Mexico, Tanzania, Vietnam, Algeria, Romania, Cambodia, Italy, Morocco, Malaysia, Kazakhstan, Germany, Iraq, Sri Lanka, Philippines, Argentina, Belarus, Saudi Arabia, the United Republic of Hungary & South Africa.


 




Thursday, January 3, 2019

Attack of Ryuk Ransomware in the US

Several major U.S. newspaper publications, including the Los Angeles Times, the San Diego Union-Tribune, and all of Tribune Publishing, reported that they were victims of production-disrupting cyber attacks bearing the signature of Ryuk Ransomware around the holidays. Let us get some insights into this latest ransomware campaign. Ryuk ransomware is believed to be the culprit behind the impeded printing & delivery of major newspaper publications in the United States, i.e. the Los Angeles Times and Tribune Publishing.



The malware attack on Tribune Publishing's software systems was discovered on 28th December 2018. The attack on the software delayed weekend distribution of the newspaper & affected Tribune publications throughout the country. The publications affected include:
Baltimore Sun, Capital Gazette, Chicago Tribune, Hartford Courant, Wall Street Journal, New York Times, Carroll County Times, Lake County News-Sun, the South Florida Sun-Sentinel & Post-Tribune.


The Los Angeles Times & San Diego Union-Tribune, which were formerly part of Tribune Publishing, were also slammed by the ransomware. According to the publications, the print editions of the affected newspapers were published on Saturday without the obituary section & paid classified ads. The attack is believed to have originated outside the US and to have been intended to create chaos & disable infrastructure rather than steal information. The publication further alleges that no subscriber personal details were compromised. Also, it is known that the publication's websites and online editions remained unaffected.



Facebook User Account Timeline Manipulated by Clickjacking Bug

A Polish security researcher & analyst with the Twitter username 'Lasq' revealed that the social media giant Facebook is afflicted by a Clickjacking Bug, which automatically adds spam links to the Facebook user's wall. The security professional discovered a technique used by miscreants & used the bug bounty program to submit the report to the company. According to sources, the ongoing spam campaign on Facebook seems set to have a prolonged life, as Facebook has declined to fix the Clickjacking Bug because it does not alter the state of the account.


The behavior of Clickjacking Bug

The Polish security expert began to analyze the spam campaign on Facebook after he observed that many of his friends had shared a link to a website with amusing pictures. Facebook users had to confirm that they were at least 16 years old before they could access the humorous content. Once the user clicks on the button, they are redirected to a page with amusing & comic content and a lot of ads. Meanwhile, the same link the user just clicked on appears on the user's Facebook wall.


The security alpha geek was determined to investigate further after an iFrame tag was detected in the page source. He also found that the iFrame contained various links & a URL for sharing content on Facebook. Lasq tested this suspicious iFrame tag with popular browsers like Chrome, Edge, Internet Explorer and Firefox & found that every browser threw an X-Frame-Options error.
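How a browser arrives at the framing refusal behind that X-Frame-Options error, as an added example that is not from the original post or from Facebook. It goes beyond the page by also handling the CSP `frame-ancestors` directive; the origins and header sets are constructed, and the check is simplified to the direct embedding page with exact-origin matching of sources.

```python
def parse_frame_ancestors(csp):
    """Return the frame-ancestors source list, or None if the directive is absent."""
    for directive in csp.split(";"):
        parts = directive.split()
        if parts and parts[0].lower() == "frame-ancestors":
            return [p.lower().rstrip("/") for p in parts[1:]]
    return None

def framing_allowed(headers, embedder, page):
    """True if a response from origin `page` may render in a frame on `embedder`."""
    h = {k.lower(): v for k, v in headers.items()}
    embedder, page = embedder.lower(), page.lower()
    sources = parse_frame_ancestors(h.get("content-security-policy", ""))
    if sources is not None:
        # frame-ancestors, when present, takes precedence over X-Frame-Options.
        if not sources or sources == ["'none'"]:
            return False
        for src in sources:
            if src == "*" or src == embedder:
                return True
            if src == "'self'" and embedder == page:
                return True
        return False
    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo == "DENY":
        return False
    if xfo == "SAMEORIGIN":
        return embedder == page
    # No header, obsolete ALLOW-FROM, or an invalid value: nothing blocks framing.
    return True

# Constructed origins and responses for illustration only.
PAGE = "https://social.example"
OTHER = "https://funny-pics.example"
SAMPLES = {
    "deny": {"X-Frame-Options": "DENY"},
    "sameorigin": {"X-Frame-Options": "SAMEORIGIN"},
    "allow_from": {"X-Frame-Options": "ALLOW-FROM https://funny-pics.example"},
    "csp_self": {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'self'"},
    "csp_wins": {"X-Frame-Options": "DENY",
                 "Content-Security-Policy": "frame-ancestors https://funny-pics.example"},
    "unprotected": {},
}

def evaluate_samples():
    return {name: framing_allowed(hdrs, OTHER, PAGE) for name, hdrs in SAMPLES.items()}

if __name__ == "__main__":
    for name, allowed in evaluate_samples().items():
        print(f"{name:12} framed by {OTHER}: {'allowed' if allowed else 'blocked'}")
```

The `allow_from` and `unprotected` rows show the cases a site owner should look for: a response that carries no effective anti-framing header can be embedded by any third-party page.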
