Smartphone malware

Greatcaptchahere.top is a website that deceives visitors into allowing notifications by showing fake CAPTCHAs. The website is usually found through rogue advertising networks, and users do not intentionally visit the site. Greatcaptchahere.top claims that visitors need to click the "Allow" button to prove they are not robots, but in reality, it's a trick to gain permission to display notifications. The notifications displayed by Greatcaptchahere.top can contain false information, such as claims that a computer is infected with multiple viruses. These notifications can also lead users to various untrustworthy sites, including phishing pages, websites hosting adware, browser hijackers, and malicious software. In addition, Greatcaptchahere.top may redirect visitors to other similar pages that host scams and untrustworthy software. It is essential to avoid visiting Greatcaptchahere.top and any pages promoted through it to protect your computer and personal information. To avoid accidentally visiting deceptive websites, users can install reputable ad-blocking software and keep their browser and antivirus software up to date. Follow instructions on the page to remove Greatcaptchahere.top ads, pop-ups, and notifications from Google Chrome, Mozilla Firefox, Safari, Edge on Windows, Mac, Android, or iOS.

Rankcaptcha.top is a website that operates several subdomains such as a.rankcaptcha.top, b.rankcaptcha.top, c.rankcaptcha.top, and others. This website has been reported as a ad-generating site that tries to deceive users into subscribing to its notifications service. Site notifications are messages that appear on the screen, usually in the lower right-hand corner of the screen on Windows, in the top right-hand corner on macOS, and on the notification zones on Android and iOS. Rankcaptcha.top claims that clicking "Allow" on its "Show notifications" pop-up will help users verify that they are not bots. However, once a user clicks "Allow," notifications from Rankcaptcha.top will begin appearing on their screen with ads, links to dubious sites, fraudulent messages, prompts to download potentially unwanted programs, and other unwanted content. This is quite annoying and there is no way to stop it unless you remove certain settings from browsers. Unfortunately, most antiviruses just won't detect malicious activity, because often it is just modified setting in Google Chrome, Mozilla Firefox, Safari, or Edge. Follow detailed guide below to remove Rankcaptcha.top notification ads and prevent such ads in the future.

If your iPhone suddenly shut down black and simply trying to boot it back does not help, then you are on the right guide to fix it. The "black screen of death" is a term used to describe a problem where an iPhone's screen remains black and unresponsive, even when the device is turned on. The reason your iPhone may abruptly go black can be related to various issues, including a temporary glitch, battery drain, or even hardware problems, which would require professional interference to identify and resolve the issue. Sometimes, a software glitch can cause the iPhone to freeze, resulting in a black screen. In this case, force restarting the iPhone can often fix the issue. To force restart your iPhone, press and hold the Sleep/Wake button and the Home button (for iPhone 6s and earlier) or the volume down button (for iPhone 7 and later) simultaneously for at least 10 seconds until the Apple logo appears. Of course, if there was a water damage or jailbreak attempt, there are small chances for recovery, but in many cases problem can be solved. However, before spending your precious time on handing your iPhone to a service center and paying money for its diagnostic, make sure you try the solutions listed in our guide below. Many users manage to fix the black screen of death on their iPhones fast and easily. Let's get started.

Nexus is the name of a banking trojan that targets Android devices in order to extract banking and finance-related information. According to the detailed research conducted by Cyble, this trojan is assumed to be a rebranded version of the S.O.V.A trojan which has similar capabilities. As a rule, banking trojans acquire access to the targeted device by disguising themselves as legitimate apps and asking users to enable Android Accessibility Services in order to use the app's features or the app itself. Unfortunately, if permissions like this get enabled for trojanized apps, they will misuse them to grant additional permissions, prevent users from disabling them, and turn off various security measures like Google Play Protect. It is known that Nexus targets over 40 popular banking applications. To force users into entering sensitive information (e.g., passwords, passcodes, IDs, usernames, etc.), the virus downloads the appropriate HTML injection code to create a fake overlay of a specific bank app that a victim is using. This way users enter their log-in credentials without suspecting they could be recorded and sent to the cybercriminals' servers afterward.

Vip.lucky-gifts-center.com is a scam service that provides users an opportunity to participate in giveaways. This website sends a message to your iPhone that can be seen in the notification bar. If opened, you will be presented with a congratulation message claiming that you have been selected out of 100 users to take part in the survey and win awesome prizes. If you completed the survey successfully, you will be offered to choose 1 of 2 prizes (iPhone XS or Samsung Galaxy S9). On this page, you can see the remaining quantity of products and shipping prices that should be paid to get your prize. Unfortunately, this is a trap and you will not get your promised gifts. Do not give your personal data like home addresses to shady figures because they can exploit it for revenue purposes. Instead, ignore these messages and head down our guide to remove them from your devices.

BrasDex is categorized as a banking virus that infects Android (and Windows) devices to access bank accounts and steal money from victims. This specific banker has been observed targeting victims in the Brazilian region - recently via a fake banking app named "Brazilian Banco Santander". Previously, it used to infiltrate devices by disguising itself as essential Android settings applications. BrasDex abuses Accessibility Services to record the information entered into banking applications. However, instead of showing overlaid (fake) screens to bait users into entering their log-in credentials, it instead keyloggers them inside targetted banking applications themselves. Unlike other banking malware, BrasDex also employs an ATS (Automated Transfer System) mechanism, which allows cybercriminals to perform fraudulent transactions in an automated way - therefore automating malicious business and increasing illegal profits. In addition, it is also known that BrasDex exploits a popular Pix fast payment system that was developed by the Central Bank of Brazil. This makes its easier for cybercriminals since all they require is the victim's identifier (which can be an email, CPF, phone number, or random ID). Please note that the Pxi system is not vulnerable - threat actors simply use this system to speed up the process of fraudulent transfers. A lot more technical information about BrasDex can be discovered in this report made by ThreatFabric. BrasDex is a dangerous virus that can cause unpleasant financial losses and privacy issues - thus, make sure to read our guide below and delete this devastating malware from your device. Once done, it is also important to change your log-in credentials.

GodFather is the name of a banking trojan that targets Android devices. Developers behind this malware seek to exfiltrate account credentials and use them for accessing 400+ online banking pages and crypto exchanges across 16 countries worldwide. The GodFather trojan functions by creating overlaid log-in screens and displaying them over legitimate apps or web pages. This way, it tricks users into entering their login data on fake screens, which allows threat actors to access finance-related accounts and abuse them for financial fraud. Before GodFather becomes capable of performing such malicious action, it needs users to allow certain permissions (access to SMS texts and notifications, screen recording, contacts, making calls, recording to external storage, and reading the device status) in the Accessibility Service window. The trojan does it by imitating the legitimate "Google Protect" tool, therefore making the process look ordinary and less likely to trigger suspicion from users. After the permissions are granted, the trojan gets complete liberty to run its malicious actions. GodFather also abuses the granted access to complicate manual removal, steal two-factor authentication codes, process different commands, and hijack data from PIN and password fields. If you want to learn more about the technical specs of GodFather banking trojan, you can check out this page. In summary, GodFather is a highly-devastating infection that can lead to significant financial losses, which is why it must be removed completely and without traces from your device. Use our guide below to do it.

Almost every popular browser can brag about the inbuilt push notifications feature that allows users to subscribe to notifications from various websites such as news portals and receive them right on the desktop. This way, users can get a faster and more convenient experience by staying aware of the latest updates from the desired webpage. In some cases, however, inexperienced users may become victims of dubious pages that promote unwanted or malicious ads by tricking users into allowing their push notifications. Such pages often display fake messages similar to "Press Allow to verify that you are not a robot", "Download is ready. Click Allow to download your file", and so forth. After allowing push notifications from such websites, the user's desktop will start being continuously bombarded by unwanted notifications that promote redirects to suspicious/malicious pages. No matter which type of website you've eventually subscribed to, read our guide below to turn off normal and also potentially malicious push notifications if that is the case.