Indexforcaptchas[.]top displays a deceptive CAPTCHA and redirects to untrustworthy websites. The purpose of this page is to promote shady pages through its notifications or by redirecting visitors to them. Indexforcaptchas[.]top is similar to new-updates-service[.]com, yourdailysecurity[.]com, and
Doyuk 2.0 is a piece of malicious software classified as ransomware. It is designed to encrypt data (render files inaccessible) and demand ransoms for the decryption (access recovery). Files are appended with a ".doyuk2" extension. To elaborate, a file initially titled "1.jpg" would appear as "1.
TopSearchMaps is a browser hijacker that promotes the topsearchmaps.com address, a fake search engine. TopSearchMaps hijacks a browser by changing its settings. A big part of browser hijackers is promoted using questionable methods. Thus, it is common for them to be downloaded and installed inadve
Bitcoinshortener[.]top is a site offering URL (website address) shortening services. While this is a legitimate service, this website uses rogue advertising networks that promote various (likely deceptive and malicious) pages. Using these networks for monetization is quite common on the Web; henc
AnalogSet is a piece of rogue software that is categorized as adware, and it also has browser hijacker abilities. This app is classified as a PUA (Potentially Unwanted Application) due to the dubious techniques used to distribute it. Adware can display pop-ups, coupons, banners, surveys,
XIII is the name of a ransomware variant belonging to the Phobos ransomware family. This variant encrypts files and appends a victim's ID, xlll@imap.cc email address, and the ".XIII" extension to their filenames. For example, it renames "1.jpg" to "1.jpg.id[9ECFA84E-3274].[xlll@imap.cc].XIII", "sa
OperativeResults is a PUA (Potentially Unwanted Application) with adware and browser hijacker qualities. This app has been observed being distributed via fake Adobe Flash Player updates. Adware enables the placement of third-party graphical content on visited websites and/or different in
AssistiveConsole shows unwanted advertisements and hijacks a browser (changes its settings) to promote a fake search engine. It is uncommon for apps like AssistiveConsole to be installed on purpose. They often are promoted using deceptive methods. Apps of this kind are called potentially unwante
The purpose of this email is to deliver FormBook malware. It is disguised as a letter from BBVA (Banco Bilbao Vizcaya Argentaria), a legitimate Spanish multinational financial services company. It contains a malicious attachment (an archive file). This malicious email is written in Spanish
TopCouponSearch is a browser hijacker that modifies browsers to promote the topcouponsearch.com fake search engine. Due to the dubious techniques used to distribute browser hijackers, they are also categorized as PUAs (Potentially Unwanted Applications). With TopCouponSearch installed: new