Malware report – November 2016

Malware report – November 2016 snapshot

After receiving thousands of reports from our visitors, we can summarize November with only two words – Facebook virus. Undoubtedly, that was the most popular virus of this month. In the beginning, it was used to promote generic malware capable of hijacking people’s Facebook accounts and used to collect their clicks. However, during the past weeks, Facebook virus turned into a serious threat playing a very important role in the distribution of Locky. The most popular file name used to spread this ransomware is a vector file called photo_[random numbers].svg, for example, photo_4837.svg, photo_999.svg or photo_8470.svg. Beware that you can receive such “photo” from one of your friends, so there is no doubt that you should double ask all of your friends before clicking suspicious attachments received from them. Besides, you can get infected not only with Locky –  modified versions of this ransomware were detected during November as well. They are known as Aesir ransomware, Thor virus and ZZZZZ ransomware. All of them can decrypt victims’ files and ask them to make a special payment for the decryption key needed to unlock affected files. It seems that the next attack could be made on Instagram social network – several weeks ago security researchers introduced Instagram virus that poses a serious risk to its users.

Another threat that was especially active during the last couple of weeks is redirect malware. Unsurprisingly, US is known that the most affected country by this malware but there is a huge possibility that, in the nearest future, it will start spreading around Europe and other world’s regions. Fortunately, you can protect yourself from this intruder just by monitoring installation of the freeware and deselecting pre-checked check marks allowing unauthorized changes on your computer. Similarly to this PUP, security researchers recommend avoiding, and similar hijackers. Stay safe during the last month of 2016!