File Spider – ransomware threat targeted to Balkan countries

File Spider ransomware hit Balkan countries and demands ransom in 96 hours

2017 was a year when security researchers and Internet surfers had to survive many massive ransomware attacks: WannaCry, NotPetya and one of the most recent ones called File Spider crypto-malware. Since hackers are figuring out new techniques to attack users, it is crucial […]

The best ways to reduce ransomware risks

Ransomware has been a hot security topic for the last few years. While only a few of them were successful, they have several distinct advantages over other scareware (and aggressive malware in general): 1. They force the use of irreversible payment systems like Bitcoin (and prepaid cards were working OK in the past). This is one of the main […]

I am leaving Hostdime hosting and you should plan to do so too

I have hosted one of my sites at Hostdime's Brazil branch and after a hell of a weekend (Fri/Sat) I have decided to run away from them as fast as possible. There is nothing more painful than looking for hosting in South America. The prices are double those of everywhere else. The networks are crap. But that is only […]

Legitimate rogues in 2015

As an owner of I have clashed with a couple of legitimate companies in the years 2014/15 that had asked for deletions of removal instructions or reviews. Some companies had legitimate claims, however others rely on the strategy that was labeled as rogue even a decade ago. By definition, rogue antiviruses have these signs: Fake databases […]

About YAC

Some time ago, I wrote on 2-viruses about hijacker . The hijack in question was done by Yet Another Cleaner – an application written by ELEX (a Taiwanese company). It targeted Latin/South America mostly. We categorised it as PUP – potentially unwanted application/hijack. Only some versions of this program change the settings and users could […]

Maladvertising networks use CDNs to hide their tracks

At this point there is quite a significant increase in malicious browser plugins that display ads without enough disclosure. Quite often their tracks are hidden and it is not so easy to remove them. The makers use 2 ways to start showing adware: Distributing plugins with bundles or trojans (aka “movie downloads”, etc). Purchasing popular […]

Blocking bad commentators – how to get IPs you should block.

This is an update about securing WordPress admin and blocking spam bots from writing comments. Although I use Akismet, spam bots might use up your Apache children connections or make it harder to find false positives in spam messages. The main problem I faced is how to select IPs of commentators I want to block from […]

HotStartSearch virus – what it is and how to remove

HotStartSearch virus also known as is a browser hijacker that can be added as an application to Internet Explorer, Google Chrome or Mozilla Firefox. Usually it affects all of the Internet browsers installed on a computer. The obvious signs of this browser hijacker infection are replacement of home page, default search engine and new […]

How Delta Search Virus Works

Delta search virus (aka delta-search dot com) is one of the major browser hijackers today. Once the toolbar is installed, it replaces home / new tab page and then it hijacks search settings. And that is about all the functions it provides. Additionally, if you uninstall it, all these settings remain as they are and […]

The case of simple server backdoor

Recently, I have found that one of my servers was infected with a malicious Apache module. This is not something I am too proud about, but it happens. The original infection happened either through Plesk or through a pre-existing user. That is why I am stopping using Plesk control panels for VPS’es and DE’es I own and […]