.zzzzz Ransomware is another variant of Locky ransomware, that adds .zzzzz extension to encrypted files. Virus encodes user files with asymmetric encryption algorithm and modifies filenames with 32-digit alphanumeric code. This makes it difficult to discern where certain files are and complicates decryption. After completing encryption ransomware creates 3 files (-INSTRUCTION.html, _6-INSTRUCTION.html, and -INSTRUCTION.bmp) and replaces desktop background image. In this files virus contains texts to persuade users to pay the ransom. Ransom is actually quite big – 3 BitCoins or ~$2200.
Plusnetwork.com is minimalistic search engine similar to Google, Yahoo or Bing. It was developed by Zone Media LTD and is distributed along with product of this company: Messenger Plus! Skype Add-on. It is used to hijack search engine and homepage settings in Google Chrome, Mozilla Firefox and Internet Explorer. Finally, all users search queries are redirected to Plusnetwork.com.
EasyPDFCombine Toolbar by MindSpark is unwanted browser extension for Google Chrome, Mozilla Firefox and Internet Explorer. This is toolbar, that provides access to online tools for PDF to DOC conversion, translation and merging documents. But in addition to that, application modifies browser search and homepage settings to hp.myway.com, that is well-known unwanted search engine.
Aesir Ransomware is another crypto-virus in the generation of Locky ransomware family. Virus uses RSA-2048 and AES-128 encryption algorithms. Aesir detects and encrypts more then 450 file types, and most sensitive are user documents, pictures and videos. Now it appends .aesir extension and has some minor technical changes in comparison to previous versions. This crypto-virus renames files with complex and random 24-character alphanumeric code separated by dashes. Ransom amount is huge: 3 BitCoins (~$2200) and there is no earthly use to pay it. Malefactors, who created this malware never send decryption keys. Aesir modifies desktop background with an image that contains information about the infection and instructions for user to pay.
SurfBuyer is unwanted advertising program that displays ads and pop-ups in Safari, Google Chrome and Mozilla Firefox browser on Mac. Ads can promote various things, like rogue software for Mac, discounts, shopping deals and other type of doubtful offers. Application installs without user permission and starts generating advertising content. In some cases adware installs “SurfBuyer” extension in browsers.