ALPHV (BlackCat) is a sophisticated ransomware-type program written in the Rust programming language. This program is used in Ransomware-as-a-Service (RaaS) operations. Malware of this type encrypts data (locks files) and demands payment for the decryption. Typically, these malicious programs ren
Umhiswh[.]club is a deceptive website designed to trick visitors into agreeing to receive its notifications. Also, this page redirects visitors to other untrustworthy web pages. It shares these qualities with news-befuka[.]cc, hrougthatsidh[.]club, paymentsweb[.]org and plenty of other pages.
BLOCK is one of the ransomware variants belonging to the Xorist family. This variant encrypts files and appends the ".BLOCK" extension to their filenames. For instance, it renames "1.jpg" to "1.jpg.BLOCK", "sample.png" to "sample.png.BLOCK". BLOCK ransomware creates the "КАК РАСШИФРОВАТЬ ФАЙЛЫ.txt
NRCL is a ransomware-type program that encrypts data (renders files inaccessible) and demands payment for the decryption (access recovery). Compromised files are appended with the ".NRCL" extension. For example, a file initially titled "1.jpg" would appear as "1.jpg.NRCL", "2.jpg" as "2.jpg.NRCL"
Mljx is part of the Djvu ransomware family. It is ransomware that encrypts files, modifies their filenames (by appending the ".mljx" extension), and creates a ransom note (the "_readme.txt" file). For example, Mljx renames "sample.jpg" to "sample.jpg.mljx", "file.png" to "file.png.mljx", and so on
Yourcoolfeed[.]com is a rogue site akin to news-befuka.cc, hrougthatsidh.club, businesspayments.org, spdate.com, and thousands of others. It operates by loading questionable content and/or redirecting visitors to different (likely, untrustworthy or malicious) webpages. Users typically enter rogue
2promoter[.]com displays deceptive content, asks for permission to deliver notifications, and redirects visitors to untrustworthy websites. It is pretty similar to news-befuka[.]cc, hrougthatsidh[.]club, businesspayments[.]org, and many other pages that users do not open intentionally. It
Belonging to the Phobos ransomware family, pHv1 is a malicious program that encrypts data (locks files) and demands ransoms for the decryption. Files are appended with a unique ID assigned to the victims, the cyber criminals' email address, and a ".pHv1" extension. For example, a file like "1.jpg
Xqxqx is ransomware that belongs to is Dharma ransomware family. It encrypts files and modifies their filenames. It also creates the "FILES ENCRYPTED.txt" file and displays a pop-up window containing ransom notes. Xqxqx renames files by appending the victim's ID, decryptionx@onionmail.org email a
TaskBoard is an adware-type app with browser hijacker abilities. Due to the questionable techniques used to spread TaskBoard, it is also classified as a PUA (Potentially Unwanted Application). Adware enables the placement of third-party graphical content on visited websites and/or other