GandCrab2 Ransomware is a virus, that uses AES (CBC-mode) algorithm to ecrypt user files. During the process ransomware adds .CRAB extension to encrypted files. Following successful encryption, GandCrab2 creates CRAB-DECRYPT.txt file. Unforunately, due to using TOR payment pages, NameCoin servers and cryptocurrency, there is no way to track the hackers, unless they make a mistake. Decryption key of previous version of GandCrab became public due to data leakage from their servers. GandCrab2 Ransomware asks 0.5 – 0.8 Dash (cryptocurrency) , which is less then before, however it still can estimate from several hundreds to more than thousand dollars.
Arrow Ransomware is new file encryption virus from Dharma/Crysis Ransomware family. Malware uses AES encryption. Unlike previous versions, it appends .arrow extension to all encrypted files. Arrow Ransomware encodes almost all types of files that can be important to users, including documents, images, videos, databases, archives. Arrow Ransomware demands from $1000 to $2000 in BitCoins for the decryption key, that they actually rarely send out. Currently, decryption is not possible, however, you can decrypt your files from backups or trying file recovery software. There is also a slight possibility, that you will decrypt your files using tips and tricks described in this article.
Search.hloginnow.net is annoying search engine developed by Polarity Technologies Ltd, a Cyprus company, that registers in browser settings after installation of unwanted browser extensions Email Login Now or Login Email Now New Tab. Add-on can have other similar name. Main page of this hijacker looks like regular search engine with search box and toolbar with links to popular websites like Gmail, Yahoo, Hotmail, Facebook and weather widget. However it is not detached search, and it relies on Yahoo Search (search.yahoo.com). Search.hloginnow.net causes certain privacy issues, such as gaining access to search history, visited websites, cookies, passwords.
Search.shroomcourt.com is distrustful search engine, that installs in Safari, Google Chrome, Mozilla Firefox along with Shroomcourt browser extension. It attacks Mac computers. It replaces default settings of search engine and homepage. Search.shroomcourt.com redirects user queries to Yahoo or Bing, and this, for some users, becomes an inconvenience. Shroomcourt extension controls browser settings, and won’t allow users to restore them. In addition, this hijacker collects search and browsing history and transfers private data to potential advertisers. Search.shroomcourt.com infection is accompanied by redirects, pop-ups, ads and other undesired consequences.
Search.chill-tab.com or Chill-tab.com is search engine, that installs along with Chill-Tab adware extension. It overrides settings in Safari, Google Chrome, Mozilla Firefox on MacOS and can be classified as hijacker. Search queries typed in search box are redirected to search.yahoo.com. This malware originates in Israel, but spreads all over the world, and homepage is translated to several languages. Search.chill-tab.com can collect private information, like search history, browser history, cookies and use this information to display ads, pop-ups and banners on shopping websites.