Push-defenders[.]com is used to promote questionable websites: it redirects visitors to those pages and promotes them via its notifications. Push-defenders[.]com is like tiontowriting[.]xyz, ewdownt[.]club, linkwinners[.]net, and hundreds of other pages. At the time of the research, push-d
Akin to linodeobjects.com, verifyrobots.online, tiontowriting.xyz, and thousands of others, profitsurvey24[.]com is a rogue website. It operates by loading questionable/deceptive content and/or redirecting visitors to various (likely unreliable or malicious) webpages. Rogue sites are seldom acces
Khonsari is the name of a ransomware family that encrypts files and forces users to pay a ransom to get a decryption tool. It is known that it appends the ".khonsari" extension to filenames (for example, renames "1.jpg" to "1.jpg.khonsari", "2.jpg" to "2.jpg.khonsari") and generates a ransom note
Wvjg8 is a ransomware-type program. It encrypts data and demands payment for the decryption. Affected files are appended with a random character string and a ".wvjg8" extension, e.g., a file like "1.jpg" would appear similar to "1.jpg.qHdHdzwknF54g1MOx26COacBiHBZerGx50wCbKDoV37_rEbHR7vU3eo0.wvjg8"
Tropi[.]fun can show notifications (if allowed) and redirect visitors to a number of potentially malicious pages. It has the same qualities as tiontowriting[.]xyz, ewdownt[.]club, luckydatingspot[.]top, and plenty of other similar pages that most users would never visit on purpose. Tropi[.
Linodeobjects[.]com is a rogue website designed to load questionable content and/or redirect visitors to other (likely untrustworthy or malicious) pages. There are thousands of such sites on the Web; tiontowriting.xyz, linkwinners.net, and 761d.site are but a few examples. Users typically access
As its name suggests, AdBlock Master is supposed to block online advertisements. Ironically, this app itself generates advertisements. Software that displays unwanted ads is called adware. Typically, users download and install adware unknowingly. It is known that AdBlock Master is promoted using m
Hoffmx is a ransomware-type program, which encrypts data (locks files) and demands ransoms for the decryption (access recovery). Compromised files are appended with a ".hoffmx" extension. To elaborate, a file initially named "1.jpg" would appear as "1.jpg.hoffmx" - after encryption. Once this pro
Topcipher is the name of ransomware designed to encrypt and rename files, and create a text file containing a ransom note. It appends the topcipher24@gmail.com email address, a string of random characters, and the ".topcipher" extension to filenames. For example, Topcipher renames "1.jpg" to "1.j
Yjqs is ransomware that prevents victims from accessing files by encrypting them. Also, Yjqs appends the ".yjqs" extension to filenames (for example, it renames "1.jpg" to "1.jpg.yjqs", "sample.png" to "sample.png.yjqs"), and creates a text file ("_readme.txt") containing a ransom note. Yjqs is pa