BLUE LOCKER is ransomware. Malware of this type encrypts files, modifies their filenames, and generates a ransom note. BLUE LOCKER appends the ".blue" extension to filenames, for example, it renames "1.jpg" to "1.jpg.blue", "2.jpg" to "2.jpg.blue". Its ransom note is a text file named "restore_fil
DataFile displays ads and promotes a fake search engine. It functions as adware and a browser hijacker. DataFile hijacks a web browser by changing some of its settings. Adware, browser-hijacking apps rarely get downloaded/installed on purpose. Lots of them are promoted and distributed using ques
Moia is ransomware that belongs to a ransomware family called Djvu. It encrypts files and appends the ".moia" extension to their filenames. For instance, it renames "1.jpg" to "1.jpg.moia", "sample.jpg" to "sample.jpg.moia". Moia creates the "_readme.txt" file to provide instructions on how to con
A1ndh is a ransomware-type program that encrypts data (locks files) and demands payment for the decryption (access recovery). Affected files are appended with a random character string and the ".a1ndh" extension. For example, a file like "1.jpg" would appear similar to "1.jpg.L75lyBa9fsElkmD6_0ZK
Protectionyoupc[.]com displays deceptive content, asks for permission to deliver notifications, and redirects visitors to potentially malicious pages. It shares these qualities (at least two of them) with captcharesolverhere[.]top, indexforcaptchas[.]top, bitcoinshortener[.]top, and plenty of othe
"Access via Seed Phrase" is a phishing scam that targets cryptocurrency wallet credentials (i.e., passphrases). Through this scheme, users can supposedly access their digital wallets (e.g., MetaMask, Trezor, Ledger, Fortmatic, etc.); however, by attempting to do so - they will inadvertently expose
L41 is a malicious program belonging to the MedusaLocker ransomware group. This malware is designed to encrypt data (render files unusable) and demand ransoms for the decryption. Compromised files are appended with the ".L41" extension. For example, a file titled "1.jpg" would appear as "1.jpg.L4
Cybercriminals behind this email attempt to trick recipients into believing that they have received an email from a nonprofit organization called Better Business Bureau (BBB) and opening a malicious attachment. The file attached to it is used to distribute Dridex banking malware. The Bette
Cent Browser is an untrustworthy browser based on the Chromium open-source project. It has been observed operating as adware, and it also promotes the internet-start.net fake search engine - which is a browser hijacker trait. Since most users install Cent Browser unintentionally, it is also classi
WebCouponSearch is a browser-hijacking application designed to promote the webcouponsearch.com address. Webcouponsearch.com is a fake search engine. WebCouponSearch promotes it by changing web browser's settings. WebCouponSearch changes the default search engine, homepage, and new tab page