Password stealers are malicious programs that people often install on their computers inadvertently. Once installed, they stealthily collect sensitive information. In most cases, they target details such as login credentials (usernames, passwords), credit card details, and other personal informati
Musttrust.xyz is a fake search engine. Fraudulent web searchers like musttrust[.]xyz are usually promoted by PUAs (Potentially Unwanted Applications) categorized as browser hijackers. The Find browser hijacker has been noted promoting musttrust[.]xyz; what is noteworthy is that this rogue extensio
Serviceone[.]info has two purposes: to open various untrustworthy pages and to rick visitors into clicking the "Allow" button/agreeing to receive notifications. It shares these purposes with get-positive[.]net, positiveweb[.]org, captchamodern[.]top, and many other websites. Serviceone[.]i
Peatea.xyz is the URL (address) of a fake search engine. Typically, such web searchers are promoted by PUAs (Potentially Unwanted Applications) classified as browser hijackers. The peatea[.]xyz web searcher has been observed being promoted by a browser hijacker called Find. What is noteworthy abo
Ltnuhr encrypts files, then restarts a computer and displays a message on a black screen. It renames encrypted files by appending the ".ltnuhr" extension (for instance, it renames "1.jpg" to "1.jpg.ltnuhr", "2.jpg" to "2.jpg.ltnuhr"). Also, Ltnuhr creates the "RESTORE_FILES_INFO.txt" file, a ranso
"Network Solutions email scam" refers to a phishing spam campaign. The spam emails are disguised as storage-related notifications from Network Solutions - a legitimate technology company that is a subsidiary of Web.com, one of the largest .com domain name registrars. It must be emphasized that the
Xdwhatijunn[.]xyz has two purposes: to get permission to show notifications and promote shady web pages. It is more or less similar to positiveweb[.]org, towercaptcha[.]top, apel[.]top, and hundreds of other sites. Users open these sites unintentionally, for example, through untrustworthy ads or w
MysterySnail is the name of a Remote Administration Trojan (RAT) that was a payload in privilege escalation attacks that used exploits for Microsoft Windows vulnerabilities. A RAT is a type of malware that allows the attacker to control a computer remotely. Cybercriminals use it to steal informati
Similar to positiveweb.org, captchamodern.top, captcha-smart.top, and countless others, get-positive[.]net is a rogue website. It pushes its browser notifications, presents visitors with dubious content, and/or redirects them to various (likely unreliable or malicious) pages. Rogue sites are seld
Decryptionassistant is a ransomware-type program that encrypts data (renders files unusable) and demands ransoms for the decryption. Affected files are appended with ".decryptionassistant.[victim's_ID]". For example, a file initially named "1.jpg" would appear as something similar to ".decryption