CRYpt0r V2.0 is a type of malware that encrypts files and appends the ".cry" extension to their filenames (for example, it changes "1.jpg" to "1.jpg.cry", "2.jpg" to "2.jpg.cry"). To provide instructions on how to contact the attackers, CRYpt0r V2.0 changes the desktop wallpaper and creates the "L
Positiveweb[.]org is a rogue website similar to captchamodern.top, financesurvey24.top, hisqueost.xyz, and thousands of others. These pages are designed to promote their browser notifications, present visitors with questionable content, and/or redirect them to various (likely untrustworthy or mali
Gvh65 is a malicious program classified as ransomware. It is designed to encrypt data (render files inaccessible) and demand ransoms for the decryption. Compromised files are appended with a random character string and a ".gvh65" extension. For example, a file like "1.jpg" would appear something
Typically, scammers use phishing emails to trick recipients into providing personal/sensitive information like credit card details, login credentials. Scammers behind this email seek to obtain email account login credentials through a phishing website. Scammers attempt to trick recipients
GABUTS PROJECT is a ransomware-type program. It operates by encrypting data and demanding ransoms for the decryption. Affected files are appended with an ".im back" extension. For example, "1.jpg" would appear as "1.jpg.im back", "2.jpg" as "2.jpg.im back", and so on. Afterwards, a ransom note -
!palang is ransomware that encrypts files (and modifies their filenames), and generates two ransom notes ("!README!.hta"/pop-up window and "!README!.txt") containing mainly contact information. It renames files by prepending mrpalang@cock.li email address, victim's ID, and appending the ".!palang"
FocusDeploy is a piece of rogue software classified as adware. It has browser hijacker abilities as well. Since most users download/install such apps inadvertently, they are also categorized as PUAs (Potentially Unwanted Applications). Adware displays various banners, pop-ups, coupons, s
Captchamodern[.]top is a rogue site designed to load dubious content, push its browser notifications, and/or redirect visitors to other (likely untrustworthy or malicious) webpages. The Internet is rife with such websites; apel.top, verifyrobots.online, news-hoyisa.cc, and liffsandupa.xyz are just
BeyondLaunch has two purposes - to generate advertisements and promote a fake search engine. It has the qualities of advertising-supported software and a browser hijacker. It is uncommon for apps of this type to be downloaded and installed knowingly. For this reason, BeyondLaunch falls into the
Towercaptcha[.]top is designed to use a clickbait technique to trick visitors into agreeing to receive notifications and open other questionable web pages. It shares similarities with premium-news-for[.]me, arfanbajt[.]xyz, theresults[.]net, and hundreds of other pages. Users do not open them inte