Vortex Ransomware is a cryptographic virus, that mostly attacks users in Poland, but may also be distributed in other counties. Vortex Ransomware code is based on AESxWin - a free program for encryption and decryption. It uses AES-256 cryptography and adds .aes and .ZABLOKOWANE extensions to encrypted files. After encoding, Vortex creates a text files (ODZSZYFRUJ-DANE.txt (or "#$# JAK-ODZYSKAC-PLIIKI.txt")), and places it on the desktop. Various versions of this virus demand from $100 to $200 in BitCoins. One of the alternative versions of Vortex Ransomware is called Flotera and it also appends .aes suffix.
Hermes Ransomware is crypto-extortionist, that encrypts user data using AES-256 + RSA-2048 encryption, and then requires you to contact by e-mail to return files. Virus appends .hrm extension to encrypted files, however, some versions do not add any extensions or suffixes. Hermes Ransomware also creates "UNIQUE_ID_DO_NOT_REMOVE" file, that malefactors require attaching to e-mail. This malware uses the Evelen method to bypass UAC. Removes volumes of shadow copies of files and backup files. Currently ransom amount is unknown, but usually ransomware demands from $500 to $2000 in BitCoins to be paid for decryptor. There are many cases when hackers ignore the payment and do not send any keys in return. There is free decryptor available, created by security specialists, but unfortunately, it can not decrypt all versions of Hermes Ransomware.
CryptoMix Ransomware is famous family of ransom-demanding encryption viruses. Recently it came up with updated version that modifies your files with random set of 32 letters and digits and .xzzx file extension. So it makes your files look like this: 1V3DJHJ6M78BL3535RTY987XZFDGP876.XZZX. This new version uses complex double encryption with RSA-1024 ans AES algorithms. After encryption finishes CryptoMix Ransomware creates _HELP_INSTRUCTION.TXT file that contains contact e-mails and ransom-demanding message. Malefactors use following e-mails: xzzx@tuta.io, xzzx1@protonmail.com, xzzx10@yandex.com, and xzzx101@yandex.com.
Iron Ransomware, also known as Iron Locker, Iron Unlocker Ransomware, Maktub Ransomware, is malware file encryptor, which locks users documents, photos, videos and other files using AES + RSA for the key, and then cybercriminals demand a 0.2-1.1 Bitcoins for decryption. In fact, real decryption is not guaranteed after payment. Ransomware virus creates a unique id for every infiltrated machine.
Search.funsocialtabsearch.com is a browser hijacker, which changes a homepage to http://search.funsocialtabsearch.com. Despite a modern design and useful links on most popular social networks, such a twitter, facebook, etc Search.funsocialtabsearch.com can decreases system performance and quality of browsing. It's because fake search engine, that brings by a hijacker and modifies browser settings in most popular browsers: Google Chrome, Mozilla Firefox, and Safari. Browser hijacker can collect and a personal user information and share it with third parties: retailers or markets.
