It has been widely heard that Ukash virus locks down computers & Android devices and asks for a fine that can be up to 300 US Dollars/ Euro/ CAD/ AUD for laws infringement on watching pornography, download copyrighted materials, spreading terrorism and the like. Ukash virus is what we call ransomware, which mainly stays active in western countries, that invades into a computer & Android system with Trojan to acquire victim’s IP address, system language, and the access to build-in camera before displaying a counterfeit law-breaking message entitled the governmental department accordingly. Ukash virus is not a specific virus, instead, it is used in a general sense. We made the word ‘Ukash virus’ simply because such payment method is commonly adopted by cyber criminal to collect the non-existent fine. Herein, we put some famous version of Ukash virus to have wide range of PC and Android users to look at due to the limit space:
Illoxum Pop-up should be identified as a potentially unwanted adware. Internet users might be quite familiar with those nonstop ads, popping out from the corners of the screen or the browser, forcing user to visit those ads, which are so annoying and usually interrupting user’s normal activities.
Since Illoxum Pop-up installed in the computer system, users would get plenty of pop-up ads of any kind. Most of the content can satisfy the requirement of the masses of the users. In that case, many users are delighted and curious to open those ads, searching for more discounts information. But things can’t be that easy. The reason why Illoxum Pop-up can provide so many corresponding ads to respond user’s need, is because it can be embedded in user’s browser, peeping at their browsing habits and query logs. Meanwhile, user’a favourite homepage could be changed secretly to the other strange websites have never seen before, most of these website are malicious and quite dangerous, leading innocent users to some corrupted pages which contain tons of malware or viruses, looking for the chance to infect targeted user’s system with no sign.
Illoxum Pop-up can do more than that. Once getting the ticket to enter user’s system, it becomes rampant and uncontrollable. First, it could tamper user’s desktop icon and shortcut, when user click on them, it will automatically link to some ads websites. More than that, user might found many ads links added in the browser menu and favorites, and in most cases, these annoying links are not easy to remove. Illoxum Pop-up is so sly to add its startup, intending to start up along with the system, users can hardly discover it. With Illoxum Pop-up related processes running in the system background, taking up more and more memory to slow down the system’s performance. Under this circumstance, applications can’t run normally and the system becomes easily crashed. That is when user should realize that virus has been infected with their system and the only way to solve the problem is to remove Illoxum Pop-up right away.
Search-Guru.com redirect can corrupt Internet Browsers with malicious traits, classified as Browser Hijacker. It has high ability to either make its victimized computers abnormally worked or acquire malicious profits meanwhile. The Search-Guru.com redirect often hides in some unsafe website like porn site, a propagated source of a plenty of viruses. Besides that, the redirect virus also can be bundled with some Third-Party windows freeware or shareware, only once click on the freeware, the Search-Guru.com redirect virus will automatically add itself on Internet Browsers without any consent. Even it can background exploit increasingly malicious rogue programs or malware in order for completely taking overt the infected computer. Thus, it will contribute to the convenience for the virus makers damaging system and confidential data theft.
The redirect website Searchnu.com, classified as browser hijacker, endowed with high capability to compromise user’s computer especially to the Internet Browsers thereby forcedly governing it in order for malicious profits. More precisely, the Searchnu.com virus is designed to access to victims’ computers and present fraudulent pop-ups to prospective victims so that the virus makers can gain money by conducting fraudulent transactions or stealing confidential data. Usually you may get infected with such Searchnu.com redirect virus from some website in the shape of an attractive or helpful program which in fact has the harmful malware embedded in it. The malicious redirect virus can be bundled with such software. So that, once click, the virus can fast embed on Internet browsers. Besides that, spam email and unreported email attachments are still the possible place where the Searchnu.com virus propagates from. You can see the malicious virus screen shot as bellow.
Metropolitan Police Virus should be classified as ransomware cheating internet users for money by blocking their PC screens and showing a false notification . Users are so intimidated and afraid to associated with the law, so they would rather pay the money than getting into trouble, which adds to the power to Metropolitan Police Virus just in time.
Ad.yieldmanager.com is a pop-up adware that appears not only Firefox, but also Internet Explorer and Google Chrome. It acts in two different ways, they respectively are:
*Ad.yieldmanager.com keeps randomly popping up, wanting to open or save get-user-id.js from it on Yahoo mail.
*Ad.yieldmanager.com keeps popping up commercial ads during browsing session.
(Here is one of the ads that ad.yieldmanager.com displays)
Adware:Win32/AddLyrics comes out as a detrimental browser extension, capable of generating web traffic on Windows operating system typically. In a general way, Adware:Win32/AddLyrics virus can be activated while open browsers normally, including Internet Explorer, Mozilla Firefox, Google Chrome and Safari Opera. And then, the Adware:Win32/AddLyrics would present its Add Lyrics ads page covered on browsers, claiming that Add Lyrics program provides Lyrics to any songs on YouTube and display them alongside the music video for computer users. In reality, being utilized as a hack tool by cyber criminals, Adware:Win32/AddLyrics has been known as a nasty malware that makes damage on affected PC and it is indispensable to remove Adware:Win32/AddLyrics for good and do not download any programs that related to Win32/AddLyrics for the sake of avoiding inserting vicious codes and files.
Have known Doko-search.com hijacker seems to have a super ability to forcibly redirect any website to Doko-search.com. It pretends to be kind and reputable, which looks no difference with those authoritative search engines such as Google. If users are careless or did not pay attention on it, using Doko-search.com as the default search engine, it will successfully deceive the majority of innocent users, forcing them to browse malicious websites and be suffering.
One shocking warning delivered by Cyber Command of Washington virus which left the victim a deep impression. By locking the computer screen and listing a few laws and regulations, it has successfully frightened a large number of innocent users and asking them to pay a 300-dollar fine for unlocking the Android phone screen or computer, otherwise, they will get in serious trouble.
Afterwards, Cyber Command of Washington virus is identified as a ransomware very soon. Hackers use some specified and sophisticated technologies to invade into targeted user’s system, secretly launch the virus to implement the lock-up. Having grasped the psychology of the people who are convinced of the law, cyber criminals use an official tone to accuse the innocent users of using and spreading copyrighted content, and claiming that they must pay the fine within the valid term. Under this circumstance, most of the users have no idea about what happened, and easily to be panic, because the computer screen is locked over a very long period of time, they don’t know what terrible thing will happen to the computer, so they choose to follow the order and pay the inexistent fine faithfully. Unexpectedly, this is a cunning trap designed by evil cyber criminals. And it is already too late till they realized they are fooled.
An Garda Síochána virus is sophisticated as a latest variant Ukash ransom virus, which comprises a class of malware that restricts access to the affected computer and Android operating system, displaying bogus notification to threaten PC & Android users to pay nonexistence fee to release locked machine. Being endowed with similar properties as other ransomware, An Garda Síochána Android virus utilizes the camouflage of Ireland’s National Police Serve to aggrandize its authenticity. As soon as a target machine is attacked by the Garda Síochána virus, it can contact the Command and Control server that servers as centralized coordination used to send commands and receive outputs of machines part of a botnet, which has the ability to assist Garda Síochána virus to detect the authentic operating environment. In this case, An Garda Síochána ransom Android malware is capable of picking up a local graphic language and accurate Police alerts to enrich its camouflage. Thus, Victims may receive different versions of Garda Síochána Android scam once being attacked.
