Maxtrilha is the name of a banking trojan. This piece of malicious software is designed to target victims' banking accounts and their log-in credentials. Maxtrilha has been especially active in Latin America and certain countries in Europe (notably Portugal). This malware has been observed being s
!secure is a piece of malicious software categorized as ransomware. It encrypts data (renders files inaccessible) and demands payment for the decryption (access recovery). Affected files are prepended with the cyber criminals' email address and a unique ID assigned to the victims, they are also a
Void68 blocks access to files (it encrypts them) and modifies their filenames. It appends the ".void" extension to the filename of every encrypted file. For example, it renames "1.jpg" to "1.jpg.void", "2.jpg" to "2.jpg.void". Void68 also changes the desktop wallpaper to an image containing a rans
Password stealers are malicious programs that people often install on their computers inadvertently. Once installed, they stealthily collect sensitive information. In most cases, they target details such as login credentials (usernames, passwords), credit card details, and other personal informati
Musttrust.xyz is a fake search engine. Fraudulent web searchers like musttrust[.]xyz are usually promoted by PUAs (Potentially Unwanted Applications) categorized as browser hijackers. The Find browser hijacker has been noted promoting musttrust[.]xyz; what is noteworthy is that this rogue extensio
Serviceone[.]info has two purposes: to open various untrustworthy pages and to rick visitors into clicking the "Allow" button/agreeing to receive notifications. It shares these purposes with get-positive[.]net, positiveweb[.]org, captchamodern[.]top, and many other websites. Serviceone[.]i
Peatea.xyz is the URL (address) of a fake search engine. Typically, such web searchers are promoted by PUAs (Potentially Unwanted Applications) classified as browser hijackers. The peatea[.]xyz web searcher has been observed being promoted by a browser hijacker called Find. What is noteworthy abo
Ltnuhr encrypts files, then restarts a computer and displays a message on a black screen. It renames encrypted files by appending the ".ltnuhr" extension (for instance, it renames "1.jpg" to "1.jpg.ltnuhr", "2.jpg" to "2.jpg.ltnuhr"). Also, Ltnuhr creates the "RESTORE_FILES_INFO.txt" file, a ranso
"Network Solutions email scam" refers to a phishing spam campaign. The spam emails are disguised as storage-related notifications from Network Solutions - a legitimate technology company that is a subsidiary of Web.com, one of the largest .com domain name registrars. It must be emphasized that the
Xdwhatijunn[.]xyz has two purposes: to get permission to show notifications and promote shady web pages. It is more or less similar to positiveweb[.]org, towercaptcha[.]top, apel[.]top, and hundreds of other sites. Users open these sites unintentionally, for example, through untrustworthy ads or w