Search1.me is the address of a fake search engine. Typically, such web searchers are promoted by PUAs (Potentially Unwanted Applications) classified as browser hijackers. Search1.me has been observed being pushed by the Better Search browser hijacker. Browser hijackers promote fraudulent w
Mr.Frenk ransomware encrypts files and modifies their names by appending the victim's ID as the extension. For example, it renames a file named "1.jpg" to "1.jpg[ID]xXreYrOz66PL9qHB[ID]", "2.jpg" to "2.jpg[ID]xXreYrOz66PL9qHB[ID]", and so on. Also, Mr.Frenk displays a pop-up window that contains a
The purpose of the beta-one[.]net website is to trick visitors into agreeing to receive notifications. Also, this page is designed to promote (open) shady websites. There is plenty of pages like beta-one[.]net, for example, news-themes[.]com, silsautsacmo[.]com, and centralheat[.]me. These pages a
Better Search is a browser hijacker promoting the bettersearchtr.com fake search engine. Due to dubious methods used to distribute browser hijackers, they are also classified as PUAs (Potentially Unwanted Applications). Better Search modifies browsers by assigning bettersearchtr.com as the
Phishing emails like this one are used to trick recipients into providing personal information. Usually, scammers send emails with links designed to open deceptive pages asking to provide credit card details, names, surnames, bank account numbers, usernames, passwords, or other information.
Belonging to the Makop ransomware group, Baseus is a malicious program that encrypts data (renders files inaccessible) and demands ransoms for the decryption. Compromised files are retitled according to this pattern: original filename, unique ID assigned to the victim, cyber criminals' email addr
"I am sorry to inform you but your device was hacked" refers to a sextortion spam campaign. These scam emails claim that the recipient's device was infected and used to make a sexually explicit video of them. The letters demand a ransom to be paid - else the compromising recording will be publiciz
Charlie ransomware prevents victims from accessing their files (it encrypts files), modifies filenames, and displays a pop-up window ("!README!.hta") containing contact information. Charlie renames files by appending the charlieadmin@mail2tor.com email address, victim's ID, and ".!Charlie" extensi
News-themes[.]com is a rogue website sharing common traits with fast-travel.org, tionalmorei.online, expensivesurvey.live, and countless others. It operates by loading dubious content and/or redirecting visitors to various (likely untrustworthy or malicious) sites. Users typically access webpages
Variant of the Babuk ransomware, Doydo is a malicious program that encrypts data and demands payment for the decryption. Affected files are appended with a ".doydo"; e.g., a file named something like "1.jpg" would appear as "1.jpg.doydo", "2.jpg" as "2.jpg.doydo", etc. Once this process is complet