Ionanewsupdate.info is another domain, used for social engineering attack. The main purpose of its developers is to create push-notifications Google Chrome, Internet Explorer, Edge, and Mozilla Firefox, and display ads and pop-ups in those browsers. Malware can also perform redirects to advertising pages. Ionanewsupdate.info is one of the thousands temporarily used websites. Users, grant access to show push notifications for Ionanewsupdate.info occasionally. Website, encourages people to click Allow button, using vague wording and false information.
Tionsnewsupdate.info is website, that displays ads, pop-ups in browsers, and push notifications on the desktop (bottom-right corner). Since Google implemented push-notifications for its Chrome browser, Microsoft and Mozilla did the same for Internet Explorer, Edge and Firefox, respectively, malefactors started to use this function for personal gain. Tionsnewsupdate.info will be used temporary, until this domain will be added to antivirus databases and browser’s block lists. Then, developers will switch to another randomly named site. Main goal is to make users allow notifications from advertising website, like they allow notifications from news websites, social networks and numerous online services. It a usual thing, when users lose their vigilance and unconsciously or inadvertently grant Tionsnewsupdate.info opportunity to show push-notifications.
GandCrab V5.0 Ransomware is fifth generation of high-risk GandCrab Ransomware. Probably, this virus was developed in Russia. This crypto-extortor encrypts user and server data using the Salsa20 algorithm, and RSA-2048 is used for auxiliary key encryption. 5-th version appends .[5-random-letters] extension to encrypted files and creates ransom note called [5-random-letters]-DECRYPT.txt. Examples of ransom notes: VSVDV-DECRYPT.html, FBKDP-DECRYPT.html, IBAGX-DECRYPT.html, QIKKA-DECRYPT.html. GandCrab V5.0 Ransomware demands $800 ransom in BitCoins or DASH cryptocurrencies for decryption. However, often, malefactors deceive users and don’t send keys. Thus, victim won’t recover her/his files, but put credentials at risk on doubtful exchange of cryptocurrencies.
Zippnewsupdate.info is domain used for hosting advertising content, ads and push notification serving, pop-ups display and redirects in Google Chrome, Mozilla Firefox and Internet Explorer. Presence of Zippnewsupdate.info ads on browsers can mean, that your computer is infected with adware, or that you’ve visited malicious website. Zippnewsupdate.info may redirect to sites with adult content, gambling sites and online casinos, phishing bank pages, shopping sites, third-party news portals.
Search.playsearchnow.com and PlaySearchNow are, respectively, bothersome search hijacker and extension for Safari, Google Chrome and Mozilla Firefox browsers running on Mac OS. PlaySearchNow is add-on, that installs in browsers, in the first place, and then captures search engine and homepage settings. Malware modifies them to search.playsearchnow.com, which looks characteristically for this type of threats. If users start using new engine, their searches will be redirected to Yahoo, Bing or some unknown third-party resource. The purpose of applications like this is to get revenue from advertising generated by people using this rogue search. Users should be aware, that along with search redirects, PlaySearchNow gets access to some browsing data, like history, cookies etc. This may this may have negative consequences for overall security of your Mac and privacy in the future.