!palang is ransomware that encrypts files (and modifies their filenames), and generates two ransom notes ("!README!.hta"/pop-up window and "!README!.txt") containing mainly contact information. It renames files by prepending mrpalang@cock.li email address, victim's ID, and appending the ".!palang"
FocusDeploy is a piece of rogue software classified as adware. It has browser hijacker abilities as well. Since most users download/install such apps inadvertently, they are also categorized as PUAs (Potentially Unwanted Applications). Adware displays various banners, pop-ups, coupons, s
Captchamodern[.]top is a rogue site designed to load dubious content, push its browser notifications, and/or redirect visitors to other (likely untrustworthy or malicious) webpages. The Internet is rife with such websites; apel.top, verifyrobots.online, news-hoyisa.cc, and liffsandupa.xyz are just
BeyondLaunch has two purposes - to generate advertisements and promote a fake search engine. It has the qualities of advertising-supported software and a browser hijacker. It is uncommon for apps of this type to be downloaded and installed knowingly. For this reason, BeyondLaunch falls into the
Towercaptcha[.]top is designed to use a clickbait technique to trick visitors into agreeing to receive notifications and open other questionable web pages. It shares similarities with premium-news-for[.]me, arfanbajt[.]xyz, theresults[.]net, and hundreds of other pages. Users do not open them inte
"Polkadot giveaway" is the name of a scam promoted on various untrustworthy sites. The scheme promises to triple the DOT (Polkadot) cryptocurrency users submit to the "competition". However, any amount users transfer to the digital wallet address provided by this scam - will be simply lost, as it
BufferRecord functions as adware and a browser hijacker: it generates revenue for its developer by displaying advertisements and promoting a fake search engine. Many of the apps of this type are promoted and (or) distributed using questionable, deceptive methods. Thus, they are categorized as po
OperationValue is an adware-type app with browser hijacker qualities. Since most users inadvertently download/install software products within these classifications, they are also considered to be PUAs (Potentially Unwanted Applications). Adware enables the placement of pop-ups, banners,
Similar to verifyrobots.online, ositieonthat.space, mobsuitem.com, eneedande.online, and thousands of others, apel[.]top is a rogue website. It operates by loading questionable content, pushing its browser notifications, and/or redirecting visitors to different (likely unreliable or malicious) pag
"SAM Trading Group email virus" refers to a malware-spreading spam campaign. The scam emails are presented as payment-related messages. However, it must be emphasized that all the information provided by these letters is false, and the legitimate entities mentioned in them - are not associated wi