2o4xo is a piece of malicious software classified as ransomware. It is designed to encrypt data and demand payment for the decryption. Affected files are appended with a random character string and the ".2o4xo" extension. For example, a file initially titled "1.jpg" would appear as something simi
VIPSearch Pro is a piece of dubious software, endorsed as a tool offering a personalized search engine for professional use. It is classified as a browser hijacker due to the modifications it makes to browsers in order to promote (via vipsearch.top) the vipsearch.guru illegitimate search engine.
Escribeda[.]xyz is designed to trick visitors into agreeing to receive notifications and promote (open) untrustworthy websites. It is similar to aclientirethe[.]xyz, captchafilter[.]top, eruthoxup[.]com, and plenty of other pages. Users open them unintentionally. Escribeda[.]xyz loads a fa
AnalyzerWindow is a piece of rogue software that is categorized as adware. This application has browser hijacker qualities as well. It operates by running intrusive advert campaigns (i.e., delivers various ads) and promotes fake search engines by making modifications to browser settings. Additi
Quantum Ad Blocker is a rogue browser extension, which is endorsed as an adblocker - a tool that blocks ads on visited websites. However, this piece of software operates by delivering intrusive advertisements instead. Due to this, Quantum Ad Blocker is classified as adware and a PUA (Potentially U
O4kjj prevents victims from accessing files by encrypting them. It also renames files by appending a string of random characters and the ".o4kjj" to their filenames and creates a ransom note (the "p3qn_HOW_TO_DECRYPT.txt" file). Screenshot of a message encouraging users to pay a ransom to decr
"ING Bank email scam" refers to a spam campaign. The letters sent through this campaign are in Dutch and supposedly relate to parking fees. It must be emphasized that all of the information provided by these emails is false, and the legitimate entities mentioned - are not associated with the scam
PixStealer is the name of a banking Trojan, a malicious Android application targeting the Pix payment system and Brazilian bank applications. It abuses Android’s Accessibility Service. Research shows that cybercriminals used Google Play to distribute PixStealer by disguising it as PagBank applicat
Belonging to the VoidCrypt ransomware family, Temlown is a malicious program that encrypts data and demands payment for the decryption. Compromised files are renamed according to this pattern: original filename, cyber criminals' email address, unique ID assigned to the victim, and a ".temlown" ex
Vck99 encrypts files and modifies their filenames. It appends a string of random characters and the ".vck99" extension to filenames. For instance, Vck99 renames "1.jpg" to "1.jpg.ew_JA8UNQlPUbtDMKRXrsp-0_b5RUz7siu1DrqJ3jGD_PkWXE_-DtPM0.vck99", "2.jpg" to "2.jpg.ew_JA8UNQlPUbtDMKRXrsp-0_b5RUz7siu1D