Nitrocrypted is a type of malware that encrypts files and modifies their filenames, changes the desktop wallpaper, and creates the "README.txt" file (a ransom note). It renames files by appending the ".nitrocrypted" extension, for example, "1.jpg" is renamed to "1.jpg.nitrocrypted", "2.jpg" to "2.
"New mail server system 4.0" refers to a phishing spam campaign. These spam emails urge recipients to update their email accounts, else risk having them deleted. It must be emphasized that these letters are fake and intended to trick recipients into providing their email account log-in credentials
GameSearchTech browser hijacker changes some of the web browser's settings to gamesearchtech.com so it would open this address on certain occasions. Gamesearchtech.com is a fake search engine. It is unlikely for GameSearchTech to be installed intentionally. Thus, it is categorized as potentially u
More*.biz is a group of rogue websites (more1[.]biz, more2[.]biz, more3[.]biz, more4[.]biz, etc.), which are designed to present visitors with questionable content and/or redirect them to different (likely unreliable or malicious) pages. The Internet is rife with rogue webpages; liffsandupa.xyz,
Robo-checker[.]top displays a fake CAPTCHA to trick visitors into agreeing to receive its notifications and promotes shady, potentially malicious pages. Users do not visit pages like robo-checker[.]top on purpose. One of the ways to promote websites of this type is to use potentially unwanted appl
Liffsandupa[.]xyz is a rogue webpage that loads questionable content, pushes its notifications, and/or redirects visitors to other (likely unreliable or malicious) sites. There are thousands of such websites on the Internet; aclientirethe.xyz, auldlikeaver.top, and fast-travel.org - are but a few
Payransom500 encrypts data and renames every encrypted file by appending "@payransom500" and the victim's ID as the file extension. For example, it renames "1.jpg" to "1.jpg.@payransom500.2B2-475-251", "2.jpg" to "2.jpg.@payransom500.2B2-475-251". Also, Payransom500 creates a ransom note ("!!! ALL
Sharing similarities with aclientirethe.xyz, captchafilter.top, onestoreblog.com, and countless others, aidraiphejpb[.]com is a rogue site. This page is designed to load dubious content, push its browser notifications, and/or redirect visitors to various (likely untrustworthy or malicious) website
Romancedating[.]top uses a clickbait technique to trick visitors into agreeing to receive notifications from it and promotes untrustworthy web pages. It is similar to escribeda[.]xyz, aclientirethe[.]xyz, captchafilter[.]top, and hundreds of other sites. It is very uncommon for these pages to be o
IncognitoSearchWeb is a browser hijacker that modifies browsers to promote the incognitosearchweb.com fake search engine. Since most users inadvertently download/install browser hijackers, they are also classified as PUAs (Potentially Unwanted Applications). IncognitoSearchWeb reassigns br