Vgkf is the name of ransomware that belongs to the Djvu ransomware family. It encrypts files and modifies filenames (appends the ".vgkf" extension). For example, it Vgkf renames "image.jpg" to "image.jpg.vgkf", "document.txt" to "document.txt.vgkf". It also creates the "_readme.txt" file, a ransom
Admin Locker is ransomware designed to encrypt files (make them inaccessible), change extensions of all encrypted files and create the "!!!Recovery File.txt" file (a ransom note). The extension that Admin Locker appends to filenames depends on the ransomware variant. It can append ".admin1", ".adm
Goodcaptchastyle[.]top is designed to trick visitors into clicking the "Allow" button in a pop-up displayed by a browser. Also, it can redirect visitors to other shady websites. Usually, websites like goodcaptchastyle[.]top are promoted by websites that use rogue advertising networks. Good
Krestinaful.com is a fake search engine promoted by various browser-hijacking applications. Two of the apps promoting krestinaful.com are called Settings and Options. Browser hijackers promote fake search engines by changing the web browser's settings. Apps of this type often are promoted and dist
Scammers are using a fake Google application to steal CoinBase login credentials. They use malicious installers to inject modified Chrome browser or similar software that changes the Google Chrome shortcut target. When users try to access a legitimate CoinBase page, they get redirected to a fake o
SafeTravel is a program that shows advertisements. For this reason, it is categorized as advertising-supported software (adware). Pretty often, adware developers promote and distribute their software using questionable methods. Thus, users often download and install adware unintentionally.
Pure Dark is an application that hijacks a web browser by changing some of its settings to ggfpa.com - an address redirecting visitors to questionable websites. In some cases, Pure Dark hijacks a browser without changing any settings. Pure Dark can change the homepage, new tab page, and de
Night Sky is the name of ransomware that encrypts files and modifies filenames by appending the ".nightsky" extension. For example, it renames "1.jpg" to "1.jpg.nightsky", "2.jpg" to "2.jpg.nightsky". Also, it creates the "NightSkyReadMe.hta" file that displays a pop-up window containing a ransom
ConnectProcess generates annoying advertisements and promotes a fake search engine by changing the web browser's settings. Usually, users get tricked into downloading and installing adware and browser-hijacking apps. Therefore, apps like ConnectProcess are called potentially unwanted application
Security-scanner[.]xyz is an untrustworthy website that displays deceptive content and asks for permission to show notifications used to promote other pages of this kind. Security-scanner[.]xyz is promoted through pages using rogue advertising networks. Security-scanner[.]xyz is similar to