How to Remove Trojan:Win64/PowerLoader!rfn?

What is Trojan:Win64/PowerLoader!rfn? The Trojan:Win64/PowerLoader!rfn has been flagged as a damaging piece of malware that significantly degrades system performance. This sophisticated threat can stealthily infiltrate computers through various methods. One common entry point is via an infected removable device; simply plugging in such a device can trigger the activation of the Trojan. Other potential carriers…

How to Remove Systemtransport.co.in Spam Popups?

What is Systemtransport.co.in? Systemtransport.co.in is a browser hijacker specializing in notification spam and ad fraud. It displays fake CAPTCHAs like “Confirm you’re human” to trick users into enabling notifications. If you were taken in, Systemtransport.co.in will introduce malicious adware to your system if you inadvertently click on any of the deceptive links it generates. …

How to Remove .Follow_me File Virus? [Ransomware Decryption]

About .Follow_me Ransomware The .Follow_me File Virus is a type of ransomware that locks users’ files and demands payment for the decryption key. It can mysteriously appear on your computer without you knowingly downloading it. This virus often hides in spam email attachments. Opening these spam emails (like a “UPS Delivery Failed” email) can lead…

How to Remove Cosmic Plutone extension?

Cosmic Plutone – A Web Browser Hijacker Cosmic Plutone is deemed adware and a hijacker that combines browser extension hijacking with system manipulation. This malware employs registry-based persistence and DNS spoofing to maintain control. Victims report 87% browser performance degradation and unexpected redirects per Google search. “After installing a ‘4K Video Downloader’…

How to Remove QuantumPlutonius Chrome Extension?

What is QuantumPlutonius? Last Updated: March 10, 2025 QuantumPlutonius is identified as a web browser extension malware combining adware payloads with search engine redirection capabilities. Unlike traditional hijackers, it exploits Chrome’s Managed Browser API (chrome.enterprise.deviceAttributes) to establish persistence through fake organizational controls. The QuantumPlutonius extension made its “Remove” button unclickable to avoid being deleted, and…

How to Remove Metalonica extension from Chrome \ Edge Browser?

What is Metalonica Extension? (March 2025 Threat Analysis) Metalonica is a malicious browser extension classified as a stubborn browser hijacker by cybersecurity analysts. This malware combines adware payloads with sophisticated registry manipulation, primarily targeting Chrome and Edge through malicious extensions signed with stolen enterprise certificates. Unlike basic hijackers, Metalonica employs DNS shadowing to redirect search queries…

How to Remove Hush ransomware? [.hush Files Decryption]

Hush Ransomware (.hush Files Virus) Hush ransomware (detected by Kaspersky as HEUR:Trojan-Ransom.Win32.Generic) is a new file-encrypting malware first documented in March 2025. Unlike basic ransomware variants, Hush employs AES-256-CTR + RSA-4096 hybrid encryption with intermittent API calls to CryptGenRandom() to bypass memory scraping defenses. Its unique fingerprint includes modifying Master File Table (MFT) entries and…

How to Remove Trojan:Win32/TrapsCommonPath Virus?

Trojan:Win32/TrapsCommonPath Virus (March 2025 Threat Report) Trojan:Win32/TrapsCommonPath (!#CMD:Trojan:Win32/TrapsCommonPath) is an advanced fileless Trojan targeting Windows 11 and Windows 10 systems. First observed this week, it weaponizes system environment variables (%APPDATA%, %TEMP%) to bypass security software through these technical maneuvers: Modifies PATH variables to prioritize malicious DLLs in C:\ProgramData\Microsoft\Network\ Creates forged Windows Defender exclusions via Add-MpPreference -ExclusionPath…

How to Remove twnt1.ttrk.io Redirect Virus?

What is twnt1.ttrk.io Redirect Virus? twnt1.ttrk.io has been identified as a browser-hijacking redirect virus targeting Windows and macOS systems. This suspicious site specializes in manipulating browser configurations through registry edits, DNS spoofing, and extension injection. Unlike simple hijackers, twnt1.ttrk.io employs advanced persistence mechanisms including: Registry key modifications at HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run DNS server changes to 185.180.**.34 and…

How to Remove Securitynetwork.co.in Spam Ads?

Securitynetwork.co.in Browser Hijacker Overview Securitynetwork.co.in is detected as an online-scam-related browser hijacker that combines ad injection with fake security alerts. We have received over 70 cases in one day, all with a similar experience: “Every time I opened Edge, Securitynetwork.co.in showed a fake Windows Defender alert: ‘CPU Overload Detected! Click to resolve.’ When I did, it installed…