RED is ransomware - a type of malware that encrypts files. It also modifies filenames, displays a ransom note in a pop-up window, and provides another one as the "info.txt" file. RED renames files by appending the victim's ID, redline@onionmail.org email address, and the ".RED" extension to filena
ManagerDisplay is adware that generates advertisements, hijacks a web browser (to promote a fake search engine), and collects information. A big part of software of this type is promoted and distributed using questionable, deceptive methods. It means that most adware gets downloaded and installe
WannaBitcoin is ransomware designed to encrypt files, append the ".wannabitcoin" extension to filenames, and provide three ransom notes. WannaBitcoin displays a pop-up window, creates the "READ ME TO RECOVER YOUR FILES.wannabitcoin.txt" file, and changes desktop wallpaper. All three of them contai
The purpose of the ExplorerTransaction application is to generate advertisements and promote a fake search engine. It promotes a fake search engine by hijacking a web browser. It is very common for apps like ExplorerTransaction to be promoted and distributed in deceptive ways. Advertisem
Health ransomware is part of the Phobos ransomware family. It encrypts files, appends the victim's ID, loading66@tuta.io email address, and the ".health" extension to filenames. Health generates two ransom notes: "info.txt" and "info.hta" (the second file displays a ransom note in a pop-up window)
AdvancedRecord displays advertisements and promotes a fake search engine by hijacking a browser. It functions as adware and a browser hijacker. Lots of apps like AdvancedRecord are promoted and (or) distributed using deceptive methods. Thus, users download and (or) install them inadvertently.
The purpose of wholenicenews[.]com is to trick visitors into allowing it to show notifications and redirect them to questionable/potentially malicious web pages. There are lots of pages like wholenicenews[.]com, for example, newschecktoday[.]com, hukelpfulin[.]xyz, tropi[.]fun. Wholenicene
It is one of the websites running a fraudulent advertising campaign. This deceptive website uses a scare tactic to promote legitimate antivirus software called Total AV. Usually, these pages are promoted through misleading advertisements, other shady websites, and potentially unwanted apps (PUAs).
Zppl8 is ransomware that encrypts files and modifies their filenames by appending a string of random characters and the ".zppl8" extension. For example, it renames "1.jpg" to "1.jpg.bZmReIcUCE6-P0nad3or9k49iED4c_MlVYCiX7J7tuP_m8AP3Ts4wzE0.zppl8", "image.png" to "image.png.bZmReIcUCE6-P0nad3or9k49i
DeployUpdater is adware that has the qualities of a browser hijacker. This app displays advertisements and hijacks a web browser to promote a fake search engine by changing its settings. Most users download and install adware unintentionally because it is promoted and distributed using questiona