malwarebytes imitation …

pnamajck

Honorable Member

Joined

Aug 28, 2014

Messages

433

• Sep 20, 2016

• Thread Author
• #1

don't get suckered into the imitation software … always go directly to the source … in this case www.malwarebytes.com .

yep, another new ransomware variant is making the rounds … trying to pass itself off as legitimate software. supposedly the filename is "malwerbyte.exe". websites are not safe either … something to the effect "malwrhunterteam" or an exact address-extension of "t.co/kZKjVrhx64".

i caught wind of it this evening on malwarebytes blog:

Spoiler: blog.malwarebytes.com

PSA: DetoxCrypto Ransomware imitating Malwarebytes

remember … even when on the official website … copy/paste the url into virus-total's website to make sure the file is legitimate. few weeks back, kemical discovered classic-shell's official download server had been victimized … sending innocent clients to forged address/file.

ref:
VirusTotal - Free Online Virus, Malware and URL Scanner

 

kemical

Essential Member

Joined

Aug 28, 2007

Messages

36,176

• Sep 21, 2016

• #2

Excellent post, thanks for the heads up pnamajck!

 

William B

Senior Member

Joined

May 14, 2016

Messages

170

• Sep 21, 2016

• #3

Interesting.

 

pnamajck

Honorable Member

Joined

Aug 28, 2014

Messages

433

• Sep 21, 2016

• Thread Author
• #4

felt good to share the news with others.

 

Axel PC

Honorable Member

Joined

Apr 24, 2016

Messages

523

• Sep 22, 2016

• #5

@pnamajck thanks for the heads up!

 

BIGBEARJEDI

Excellent Member

Premium Supporter

Joined

Jan 28, 2013

Messages

2,419

• Sep 22, 2016

• #6

Ouch! Thanks for posting that Jack. It's not enough those cyber-creeps are loading up Ransomware which locks access to your computer or your all your files (including your plugged in external drives) and then they want $250-$2,500 in order to unlock it. Going to fake websites inadvertently is a human error that happens amongst inexperienced and beginning computer users. The Senior population I deal with on a daily basis is especially vulnerable to this. That's why for the last 3 years whenever I repair or install a new computer, I also put in anti-Rootkit and anti-Bootkit software as backstop protection agains this sort of thing. Some, but not all of these fake site redirection viruses use the Rootkit or Bootkit morphology vector to attack an unsuspecting user's PC as no antivirus or antispyware programs typically catch these types.

Good stuff!
<<<BIGBEARJEDI>>>

 

P

Peterr

Fantastic Member

Joined

Mar 31, 2011

Messages

1,175

• Jul 23, 2019

• #7

I really appreciate your sharing Virus total concept with others. There is a lot of damaging material out there. Thank you.

 

P

Peterr

Fantastic Member

Joined

Mar 31, 2011

Messages

1,175

• Jan 24, 2021

• #8

I knew of Virus total but do I always use -no . Shame on me. 99% of the time is as good as zero. Always use it. I am going to check if the is an alternative to VT so I will have another to go to if necessary. Before you know it there will be a phony VT.

 

Neemobeer

Windows Forum Team

Staff member

Joined

Jul 4, 2015

Messages

8,998

• Jan 24, 2021

• #9

I would be extra careful with MBAM right now. They were targeted in the massive and state-sponsored cyber attack.

Malwarebytes hit by same group that compromised SolarWinds | IT World Canada News

Malwarebytes has become the latest technology provider to admit it was hit by the same threat actor that compromised SolarWinds.

www.itworldcanada.com

 

carsten ibsen

Honorable Member

Joined

Oct 21, 2014

Messages

21

• Feb 2, 2021

• #10

A thousand thank you, I will be a bit more cautious in the future.