Ubrhnqznw encrypts files, appends the ".ubrhnqznw" extension to filenames, and creates the "HOW TO RESTORE YOUR FILES.TXT" text file containing a ransom note. An example of how encrypted files get renamed: "1.jpg" to "1.jpg.ubrhnqznw", "sample.png" to "sample.png.ubrhnqznw", and so on. Screens
"ING Email Scam" refers to a spam campaign. These phishing emails attempt to obtain recipients' log-in credentials by claiming they have a message from ING - a Dutch multinational banking and financial services corporation. It must be emphasized that the genuine ING Group is in no way associated w
ProductionElements delivers annoying advertisements and changes the settings of a web browser (hijacks a web browser to promote a fake search engine). A big part of adware-type/browser-hijacking apps are promoted and (or) distributed using questionable methods. Thus, users download and (or) inst
DeluxeSolutions is a rogue app with adware and browser hijacker abilities. Since most users download/install software of this kind inadvertently, as they are also categorized as PUAs (Potentially Unwanted Applications). Adware enables the placement of third-party graphical content (e.g.,
Hello xD makes files inaccessible by encrypting them, and changes their file extensions to ".hello". For example, it renames "sample.jpg" to "sample.jpg.hello", "1.png" to "1.png.hello". Also, Hello xD creates a text file ("Hello.txt") containing a ransom note. Screenshot of files encrypted by
Fayg2 ransomware is malicious software that encrypts files to force victims to purchase a decryption tool from the attackers. It also provides a ransom note (the "MyEY_HOW_TO_DECRYPT.txt" file) and appends a random string of characters and the ".fayg2" extension to filenames. For example, Fayg2 r
UltraSystem is an adware-type app with browser hijacker abilities. It is designed to run intrusive ad campaigns, and it can promote fake search engines. Furthermore, software products of this type - are also classified as PUAs (Potentially Unwanted Applications). It is noteworthy that UltraSyste
TheSearchMaps is a browser-hijacking extension. It promotes the thesearchmaps.com fake search engine. Due to the dubious methods used to distribute browser hijackers, they are also categorized as PUAs (Potentially Unwanted Applications). Browser hijackers (e.g., TheSearchMaps) assign fake
Quicknewtab is a browser hijacker that changes a web browser's settings. This application aims to promote quicknewtab.com - a fake search engine. Another detail about browser-hijacking apps is that users rarely download and install them knowingly. Quicknewtab sets quicknewtab.com as the ho
Belonging to the Dharma ransomware family, DC is a piece of malicious software that encrypts data (renders files unusable) and demands ransoms for the decryption. Files are appended with a unique ID assigned to the victim, the cyber criminals' email address, and a ".DC" extension. For example, a