Online fraudsters are in for a new scam campaign featuring rogue invitation messages that recommend recipients to visit Vidplayy.com site, which is not safe.
Obviously, computer crooks are no longer fully comfortable with old school browser hijacking techniques. A recent wave of such attacks involves a significant extent of social engineering. One of the unusual malware distribution vectors engaged by the threat actors is via text messages sent to numerous people’s phones. These messages read “Invitation from [first name and initial]” and also contain a hyperlink to Vidplayy.com/, where the URL is followed by a gibberish-looking string like “aprtinc” or “apr1041q”. Some users have reportedly received similar invitations over email. The catch is clear – the scammers try to lure recipients into visiting the web page in question. But what for? The whole gist of this hoax has to do with malicious scripts running on the website.
The adverse effect in this case is twofold. On the one hand, the landing page will display deceptive popups that instruct the unsuspecting user to install something. The linked-to program turns out to be either some worthless junk or a piece of malware masqueraded as a video player, browser update and the like. On the other hand, simply visiting Vidplayy.com may result in obfuscated code execution on the target computer. An unwanted drive-by download is fired up without the victim’s awareness. The consequences are going to be nasty. The infection adds a new extension to web browsers detected on the system. Again, this happens without authorization on the user’s end.
The perpetrating add-on modifies custom web surfing settings. In the upshot, the user’s preferences, including the homepage, new tab page and search engine of choice, start defaulting to Vidplayy.com. The domain name, however, typically performs the function of an intermediary. It further reroutes the intercepted traffic to affiliate pages hosting various corrupt downloads. Ultimately, the user ends up stuck in a loop of recurrent browser diverting and constant popup activity. One more side effect that may occur is the display of ads on nearly all visited websites. A slew of coupons, deals, price comparisons and interstitial advertisements will cram up web page layouts and slow down the browser. The longer this aggressive application stays inside a computer, the worse things get as it slithers its way deeper into system presets and promotes more viruses. The only way to address the symptoms described in this article is to get rid of Vidplayy malware and fix the broken browser settings.
Automated removal of Vidplayy virus
Owing to an up-to-date database of malware signatures and intelligent behavioral detection, the recommended software can quickly locate the infection, eradicate it and remediate all harmful changes. So go ahead and do the following:
1. Download and install the antimalware tool. Open the solution and have it check your PC for PUPs and other types of malicious software by clicking the Start Computer Scan button
2. Rest assured the scan report will list all items that may harm your operating system. Select the detected entries and click Fix Threats to get the troubleshooting completed.
Use Control Panel to get rid of Vidplayy adware
• Open up the Control Panel from your Start menu in Windows and select Uninstall a program
• To facilitate the process of locating the threat, sort the programs list by date to get the latest ones displayed at the very top. Find Vidplayy or some other unfamiliar entry under the Name column, click Uninstall and follow further directions to get the removal done.
Restore web browser settings to their original defaults
In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by Vidplayy.
Reset Mozilla Firefox
• Open Firefox, type about:support in the URL area and press Enter
• On the Troubleshooting Information screen, spot the Refresh Firefox button and click on it
• Follow subsequent directions to reset Firefox to its original settings
• Restart the browser.
Reset Google Chrome
• Open Chrome, click the icon for Chrome menu and choose Settings
• Scroll down the settings screen and click Show advanced settings
• Click Reset settings
• Finally, confirm the restoration by clicking Reset on the warning message
• Restart Chrome.
Reset Internet Explorer
• Select Internet options under IE’s Tools
• Proceed by clicking on Advanced tab, then select Reset
• To confirm the intended changes, click Reset on the Reset Internet Explorer Settings screen after ascertaining that the Delete personal settings checkbox is enabled
• Reboot the machine to fully implement the fix.
• Go to the Safari menu and select Preferences
• When on the Preferences screen, select the Privacy tab and hit the Remove All Website Data button if you are up to erasing all website data stored on your Mac. Otherwise, you can use a site-specific removal option described below
• A dialog will appear, asking you to validate your choice. Click the Remove Now button if you are sure. Be advised this will log you out of online services and undo personalized web browser settings such as saved passwords, etc.
• Safari also allows deleting data for specific sites rather than all sites in general. To use this option, click the Details button under Privacy tab
• Select the websites for which you would like to erase data and click the Remove button
• Click the Done button to confirm and exit. You can also select the Remove All option to remove all data stored by the listed websites.
Revise your security status
Post-factum assessment of the accuracy component in malware removal scenarios is a great habit that prevents the comeback of harmful code or replication of its unattended fractions. Make sure you are good to go by running an additional safety checkup.