Matanbuchus is a loader-type malicious program offered by its developers as Malware-as-a-Service (MaaS). This piece of software is designed to cause chain infections. Since it is used as a MaaS, both the malware it infiltrates into systems, and the attack reasons can vary - depending on the cyber
Mykiger[.]com uses a clickbait technique to trick visitors into agreeing to receive notifications and redirects them to potentially malicious websites. It is similar to linkwinners[.]net, yourcoolfeed[.]com, news-befuka[.]cc, and a great number of other deceptive pages. As a rule, users do not vis
"You've visited illegal infected website" is a scam disguised as a security alert from McAfee. It must be emphasized that this fake alert is in no way associated with the McAfee anti-virus or McAfee Corp. Scams of this type usually endorse various untrustworthy apps, e.g., adware, browser hijacke
Hr1wf is ransomware designed to encrypt files, modify filenames of all encrypted files and create the "i1jv_HOW_TO_DECRYPT.txt" file containing a ransom note. It appends a string of random characters and hte ".hr1wf" extension to filenames. For example, Hr1wf renames "1.jpg" to "1.jpg.INhA59OBVcS
Stayprotectedsupport[.]com is a rogue site sharing similarities with newschecktoday.com, hukelpfulin.xyz, alert-defenders.com, and countless others. It is designed to load dubious/deceptive content, push its browser notifications, and/or redirect visitors to different (likely unreliable/malicious)
Hudf is designed to encrypt files, append the ".hudf" extension to filenames, and create the "_readme.txt" file. It makes files inaccessible and provides a ransom note containing instructions on how to pay for their decryption. Hudf is part of the Djvu ransomware family. An example of how Hudf mo
"Your Device Has Been Compromised" is an online scam targeting Android device users. This scheme makes false claims about malware infections to trick users into downloading/installing or purchasing (likely untrustworthy or harmful) software. Typically, scams of this type promote fake anti-viruses
Defender-scanning[.]xyz displays deceptive content and asks for permission to show notifications. It shares these qualities with newschecktoday[.]com, push-defenders[.]com, profitsurvey24[.]com, and plenty of other websites. It is very uncommon for these pages to be visited intentionally.
VLOPlayer seems like a legitimate media player that looks similar to the VLC player. However, it is distributed with a browser hijacker (named Search By VLO) designed to promote vlosearch.com (a fake search engine). Browser hijackers promote fake search engines by changing the browser's settings.
Unlock is a malicious program categorized as ransomware. It is designed to encrypt data (render files unusable) and demand ransoms for the decryption. Encrypted files are appended with a unique ID assigned to the victim and the ".unlock" extension. For example, a file initially named "1.jpg" woul