big dark is the name of a browser hijacker promoting ytood.com - a fake search engine. big dark hijacks a browser by changing its settings. Most browser-hijacking apps are promoted/distributed using questionable (often deceptive) methods. Thus, a big part of them gets downloaded and installed inad
Greattypecaptcha[.]top is one of the websites designed to trick users into allowing it to show notifications. It can also redirect visitors to other untrustworthy pages. Greattypecaptcha[.]top is similar to mykiger[.]com, stayprotectedsupport[.]com, defender-scanning[.]xyz, and hundreds of others.
It is a phishing email that scammers use to trick recipients into opening a deceptive page and providing sensitive information. This email is disguised as a letter from the Czech Post/Česká pošta (the state-owned postal company of the Czech Republic). This email is disguised as a letter re
8zvpm is ransomware that blocks access to files (encrypts files), appends a string of random characters and the ".8zvpm" extension to filenames, and creates a ransom note (the "vyS2_HOW_TO_DECRYPT.txt" file) on a desktop. An example of how 8zvpm modifies filenames: it renames "1.jpg" to "1.jpg.O_
ExpandedNet is advertising-supported software. It generates advertisements. In addition to that, ExpandedNet changes web browser's settings to promote a fake search engine (it functions as a browser hijacker). This app is distributed using a fake Adobe Flash Player installer. ExpandedNet
Ver is ransomware that encrypts files and appends the ".ver" extension (and the victim's ID, quacksalver@onionmail.org email address) to filenames. It also displays a pop-up window and creates the "info.txt" file containing a ransom note. This ransomware is part of the Dharma family. For example,
C1024 belongs to a family of ransomware called Dharma. This variant appends the ".C1024" extension (and the victim's ID, code1024@keemail.me email address) to filenames. C1024 generates two ransom notes: it creates the "info.txt" file and displays a pop-up window. An example of how C1024 renames
The purpose of Nnqp ransomware is to encrypt files and create a text file ("_readme.txt") containing a ransom note. Additionally, it appends the ".nnqp" extension to filenames. For example, it renames "1.jpg" to "1.jpg.nnqp", "document.txt" to "document.txt.nnqp", and so on. Nnqp belongs to a fami
Similar to stayprotectedsupport.com, newschecktoday.com, earnmoneycrypt.com, and countless others, rewardsltd[.]com is a rogue website. It operates by promoting questionable/deceptive content and/or redirecting visitors to different (likely untrustworthy or malicious) pages. Most users enter rogu
SmartTravel is an adware-type application. Due to the questionable techniques used to distribute it, this piece of software is also classified as a PUA (Potentially Unwanted Application). SmartTravel is endorsed as a tool for easy access to information hosted on Wikitravel - a web-based collabora