Trojans

DPD Delivery Email is a scam-based message delivered to users via e-mail. Whilst trying to shadow itself behind DPD (a legitimate delivery service), cybercriminals aim to spread a trojan known as DanaBot. To make users pull the infection process, they say your parcel is on the way and soon to be delivered. To track the status and location of a package, you should click "Run Parcel Track", which will drop you over the download page. On this page, there will be an archive containing a malicious JavaScript file (with .js extension). If downloaded, the trojan will spread into your system and gather banking details like passwords entered during the browsing session. Then, the collected information can be sold or used on their own to hack the recorded accounts. Also, the spam message offers to install a DPDgroup application. To do this, you are guided to click on "Find our more", which leads to the same page with the infection. In addition to that, you should know that fake e-mail campaigns can be the source of ransomware infections as well. They do exactly the same trick pushing users into downloading malicious files (MS Office documents, PDFs, or executables).

CryLock Ransomware literally forces users to cry about their data that has been encrypted after sudden penetration. Being a variation of Cryakl Ransomware, this is one of the viruses of such type use cryptographic algorithms to ensure strong encryption and demand paying a ransom. Unlike other ransomware, that use one mutual extension for each file, this specific program assigns a new name to affected files that consist of cybercriminal's e-mail, victim's personal ID, and random three-digits extension. For instance, non-infected 1.mp4 will be retitled to 1.mp4[grand@horsef***er.org][512064768-1578909375].ycs, 2.mp4[grand@horsef***er.org][512064768-1578909375].wkm, and similarly. Some victims experienced a change like this 1.mp4[reddragon3335799@protonmail.ch][sel1].[7478ECA4-42759A9D]. Once the process has finished, CryLock will display a window in front of victims that contains ransom details.

Idle Buddy is a potentially unwanted application that causes various privacy problems and slows down your PC significantly. It is worth mentioning that Idle Buddy is neither adware nor browser hijacker. It has not been classified in any of these categories just yet. Although, it is created for exactly the same purpose - collecting personal details such as passwords, credentials, IP-addresses, and other units that can be sold to third-parties. Apart from that, the application can be detected running in Task Manager and pressuring the system by loading a lot of resources. Unfortunately, even if you close the app, it will reboot itself numerously until it is installed on your PC.

Yaoffer50160.exe is a trojan-based file that infects users with adware. There are some indications, that this file is related to an unwanted advertising app called uBar. Trojans are a type of virus that executes so-called chain infiltrations. The range of malware may vary from innocent adware to more dangerous ransomware that encrypts users' data forever. Often times, trojans may require interaction from remote servers that are hacked by frauds to fulfill its purpose. Thus, most developers abuse poor connections and RDP configuration to take control of the PC and inflict it with trojans. When it comes to adware, it alters some settings to push unwanted advertisements on the desktop. There are also cases when after removal of the file users see an error message on startup, like "Windows cannot find Yaoffer50160.exe".