Skip to main content
20 entries found.
Updated on Sep 24, 2018

Windows Defender Antivirus detects and removes this threat.

This threat uses an infected Microsoft Office file to download ransomware and other malware onto your PC.

It can arrive on your PC as spam email attachment, usually as a Word file (.doc).

As part of our continued efforts to tackle entire classes of threats, Office 365 client applications now integrate with Antimalware Scan Interface (AMSI), enabling Windows Defender ATP and other security solutions to scan macros and other scripts at runtime to check for malicious behavior. Learn how this integration exposes malicious intent even with heavy obfuscation: Office VBA + AMSI: Parting the veil on malicious macros.

 

 

Alert level: severe
Updated on Sep 24, 2018

Windows Defender Antivirus detects and removes this threat.

This threat uses an infected Microsoft Office file to download ransomware and other malware onto your PC.

It can arrive on your PC as spam email attachment, usually as a Word file (.doc).

As part of our continued efforts to tackle entire classes of threats, Office 365 client applications now integrate with Antimalware Scan Interface (AMSI), enabling Windows Defender ATP and other security solutions to scan macros and other scripts at runtime to check for malicious behavior. Learn how this integration exposes malicious intent even with heavy obfuscation: Office VBA + AMSI: Parting the veil on malicious macros.

Alert level: severe
Updated on Jan 29, 2017

Windows Defender Antivirus detects and removes this threat.

This threat tries to steal information about your PC, including the usernames and passwords you use for online banking.

We have seen it downloaded by members of the Donoff trojan downloader family, such as TrojanDownloader:O97M/Donoff or TrojanDownloader:O97M/Donoff

Find out ways that malware can get on your PC.  

Alert level: severe
Updated on Jan 25, 2017

Windows Defender Antivirus detects and removes this threat.

This threat tries to steal information about your PC, including the usernames and passwords you use for online banking.

We have seen it downloaded by members of the Donoff trojan downloader family, such as TrojanDownloader:O97M/Donoff or TrojanDownloader:O97M/Donoff

Find out ways that malware can get on your PC.  

Alert level: severe
Updated on Jan 24, 2017

Windows Defender Antivirus detects and removes this threat.

The threat steals your email, social media, online banking, and online game credentials. It does this by logging your keystrokes and monitoring your browsing activites.

It may be downloaded TrojanDownloader:O97M/Donoff.

Find out ways that malware can get on your PC.  

Alert level: severe
Updated on Oct 14, 2015

Microsoft security software detects and removes this family of threats.

Threats in this malware family can steal your sensitive information, such as your email and banking credentials.

They can be installed by macro malware downloader families such as Donoff, Adnel, and Bartallex

Find out ways that malware can get on your PC.  

Alert level: severe
Updated on Mar 06, 2016

Windows Defender detects and removes this threat.

The threat, also known as DarkComet, is a remote access tooll (RAT) that allows attackers to take control of your PC to perform various specific functions, such as record your information or download other malware.

This threat might have got on your PC from an installer program or other malware.

Find out ways that malware can get on your PC.   

Alert level: severe
Updated on Sep 14, 2017

Windows Defender detects and removes this threat.

This ransomware malware encrypts your files and shows you a webpage that asks you to pay a fee to unlock them.

It can be installed on your PC by other malware, such as TrojanDownloader:O97M/Donoff, or when you open a spam email attachment.

There is more information available in the Win32/Teerac family description.

Our ransomware FAQ page has more information on this type of threat.

Read our latest comprehensive ransomware report:

Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene

Alert level: severe
Updated on Sep 14, 2017

Windows Defender detects and removes this threat.

This ransomware family encrypts your files and shows you a webpage that asks you to pay a fee to unlock them.

They can be installed on your PC by other malware, such as TrojanDownloader:O97M/Donoff, or as a spam email attachment.

Our ransomware FAQ page has more information on this type of threat.

Read our latest comprehensive ransomware report:

Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene

Alert level: severe
Updated on Sep 14, 2017

Windows Defender detects and removes this threat.

This threat is part of the Ransom:Win32/Teerac family. This ransomware encrypts your files and shows you a webpage that asks you to pay a fee to unlock them.

They can be installed on your PC by other malware, such as TrojanDownloader:O97M/Donoff, or as a spam email attachment.

Our ransomware FAQ page has more information on this type of threat.

Read our latest comprehensive ransomware report:

Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene

Alert level: severe
Updated on Sep 14, 2017

Microsoft security software detects and removes this threat.

This threat is part of the Ransom:Win32/Teerac  family. It can encrypt your files and show you a webpage that asks you to pay a fee to unlock them.

It can be installed on your PC by other malware, such as TrojanDownloader:O97M/Donoff, or by a spam email attachment.

See the Ransom:Win32/Teerac description for more information.

Our ransomware FAQ page has more information on this type of threat.

Read our latest comprehensive ransomware report:

Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene

Alert level: severe
Updated on Nov 02, 2016

Microsoft security software detects and removes this threat.

This ransomware can stop you from using your PC or accessing your data. It might ask you to pay money to a malicious hacker.

This ransomware might also be downloaded by other malware such as TrojanDownloader:O97M/Donoff as payload.
 
Our ransomware page has more information on this type of threat.
Alert level: severe
Updated on Oct 09, 2014

Windows Defender detects and removes this threat.

This ransomware can encrypt the files on your PC so that you can't access them. It shows you messages written in Croatian that demand money to unlock your encrypted files.

It can be downloaded by TrojanDownloader:O97M/Donoff.

Our ransomware page has more information on this type of threat.

Alert level: severe
Updated on Mar 25, 2015

Windows Defender detects and removes this threat.

This threat can steal your personal information, such as your user names and passwords. It sends the stolen information to a malicious hacker.

It might get on your PC if you follow a link in a spam email, or it might have been downloaded by other malware, such as TrojanDownloader:O97M/Donoff.

Find out ways that malware can get on your PC.

Alert level: severe
Updated on Sep 14, 2017

Windows Defender detects and removes this threat.

This ransomware family encrypts your files and shows you a webpage that asks you to pay a fee to unlock them.

They can be installed on your PC by other malware, such as TrojanDownloader:O97M/Donoff, or as a spam email attachment.

Our ransomware FAQ page has more information on this type of threat.

Read our latest comprehensive ransomware report:

Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene

Alert level: severe
Updated on Sep 14, 2017

Windows Defender detects and removes this threat.

This ransomware family encrypts your files and shows you a webpage that asks you to pay a fee to unlock them.

They can be installed on your PC by other malware, such as TrojanDownloader:O97M/Donoff, or as a spam email attachment.

Our ransomware FAQ page has more information on this type of threat.

Read our latest comprehensive ransomware report:

Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene

Alert level: severe
Updated on Sep 14, 2017

Windows Defender detects and removes this threat.

This ransomware family encrypts your files and shows you a webpage that asks you to pay a fee to unlock them.

They can be installed on your PC by other malware, such as TrojanDownloader:O97M/Donoff, or as a spam email attachment.

Our ransomware FAQ page has more information on this type of threat.

Read our latest comprehensive ransomware report:

Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene

Alert level: severe
Updated on Jan 10, 2018

Windows Defender Antivirus detects and removes this threat. 

This ransomware can stop you from using your PC or accessing your data. It might ask you to pay money (in the form of Bitcoins) to a malicious hacker.

Your PC can get infected with this ransomware from malicious attachments in spammed email messages. The email messages carry a .pdf file attachment embedded with a document containing malicious macro codes. When the attachment is opened, the malicious macro downloads this ransomware from multiple server locations.

This ransomware encrypts files on your computer. It appends any of the following file name extensions to encrypted files: .jaff, .wlu, or .sVn.

Our ransomware FAQ page has more information on this type of threat.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Alert level: severe
Updated on Jan 10, 2018

Windows Defender Antivirus detects and removes this threat. 

This ransomware can stop you from using your PC or accessing your data. It might ask you to pay money (in the form of Bitcoins) to a malicious hacker.

Your PC can get infected with this ransomware from malicious attachments in spammed email messages. The email messages carry a .pdf file attachment embedded with a document containing malicious macro codes. When the attachment is opened, the malicious macro downloads this ransomware from multiple server locations.

This ransomware encrypts files on your computer. It appends any of the following file name extensions to encrypted files: .jaff, .wlu, or .sVn.

Our ransomware FAQ page has more information on this type of threat.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Alert level: severe
Updated on Jan 10, 2018

Windows Defender Antivirus detects and removes this threat. 

This ransomware can stop you from using your PC or accessing your data. It might ask you to pay money (in the form of Bitcoins) to a malicious hacker.

Your PC can get infected with this ransomware from malicious attachments in spammed email messages. The email messages carry a .pdf file attachment embedded with a document containing malicious macro codes. When the attachment is opened, the malicious macro downloads this ransomware from multiple server locations.

This ransomware encrypts files on your computer. It appends any of the following file name extensions to encrypted files: .jaff, .wlu, or .sVn.

Our ransomware FAQ page has more information on this type of threat.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Alert level: severe