Fmiint is a ransomware-type program. It is designed to encrypt data (render files inaccessible) and demand payment for the decryption. Affected files are appended with a ".fmiint-sqnsxris" extension, e.g., a file titled "1.jpg" would appear as "1.jpg.fmiint-sqnsxris", etc. After this process is co
Funtoday[.]info displays a fake CAPTCHA to get permission to show its notifications and redirects to questionable websites. Funtoday[.]info is similar to thdedukicatio[.]xyz, beparaspr[.]com, news-helaga[.]cc, and plenty of other pages that users do not open voluntarily. Funtoday[.]info cl
AboutDynamic is an adware-type application with browser hijacker qualities. It operates by running intrusive ad campaigns and modifying browsers to promote fake search engines. Furthermore, apps of this type are classified as PUAs (Potentially Unwanted Applications) due to being distributed usin
MS ransomware is part of the Dharma ransomware family. This variant encrypts files, appends the victim's ID, crpt4mn@onionmail.org email address, and ".MS" extension to filenames, and generates two ransom notes (pop-up window and the "MANUAL.txt" file). For example, it renames "1.jpg" to "1.jpg.i
UpgradeSearchView displays ads and promotes a fake search engine. It has the qualities of advertising-supported software and a browser-hijacking application. Apps like UpgradeSearchView are categorized as potentially unwanted applications (PUAs). It is because the majority of users download and
Cool is ransomware that prevents victims from accessing files by encrypting them. Also, it appends the ".cool" extension to filenames (for example, it renames "1.jpg" to "1.jpg.cool", "2.jpg" to "2.jpg.cool") and creates the "_readme.txt" file - a ransom note. Cool is part of the Djvu ransomware f
Palq is the name of a ransomware variant that belongs to a family of ransomware called Djvu. It encrypts files and appends the ".palq" extension to filenames. For example, it renames "1.jpg" to "1.jpg.palq", "2.jpg.palq" to "2.jpg.palq". Palq provides contact and payment information in a ransom no
News-wavaye[.]cc uses a clickbait technique to lure visitors into allowing it to deliver notifications and opens untrustworthy pages. There are plenty of pages of this type. Some examples are thdedukicatio[.]xyz, beparaspr[.]com, and news-helaga[.]cc. News-wavaye[.]cc claims that visitors
Thdedukicatio[.]xyz displays untrustworthy content to trick visitors into agreeing to receive notifications and promotes various potentially malicious pages. It uses a clickbait technique to get permission to show notifications. Users do not open pages like thdedukicatio[.]xyz intentionally.
38dpz is the name of a ransomware variant that encrypts files, modifies filenames by appending a string of random characters and the ".38dpz" extension to them, and creates a ransom note (the "WKFr_HOW_TO_DECRYPT.txt" text file). For example, 38dpz renames a file named "1.jpg" to "1.jpg.ux9-od4j6