LockBit 2.0 is an updated variant of the LockBit ransomware. This malicious program is designed to encrypt data and demand ransoms for the decryption. In other words, this ransomware renders files unusable and asks victims to pay - to restore access/use of their data. During the encryption proces
Sharing common traits with premium-shops-around.me, positiveweb.org, verifyrobots.online, life-change-about.me, and thousands of others, 761d[.]site is a rogue webpage. It loads questionable content and/or redirects visitors to various (likely unreliable or malicious) websites. Users typically en
Wind Blocker is a rogue browser extension endorsed as an adblocker. It is supposedly capable of eliminating various advertisements on the Web. Instead, Wind Blocker operates as adware, i.e., it displays ads. Furthermore, due to the questionable methods used to distribute software products within t
MyKings is the name of a botnet leveraging EternalBlue vulnerability in the Windows operating system. It is known that this botnet spreads Trojans, cryptocurrency miners, and possibly other malware. Once the system is infected, MyKings attempts to spread to other devices using the vulnerability me
Mhkwl is a piece of malicious software classified as ransomware. It operates by encrypting data (rendering files unusable) and demanding payment for the decryption. Encrypted files are appended with a random character string and a ".mhkwl" extension. For example, a file initially titled "1.jpg" w
Premium-shops-around[.]me is a rogue website similar to get-positive.net, positiveweb.org, apel.top, captcha-smart.top, and countless others. It is designed to load dubious content and/or redirect visitors to different (likely untrustworthy or malicious) webpages. Most users enter rogue sites via
The purpose of most phishing emails is to trick recipients into providing personal information (usually through a provided website). These emails often are disguised as letters from legitimate companies or other entities. Scammers behind this email posing as Host Europe - a German company that ser
Maxtrilha is the name of a banking trojan. This piece of malicious software is designed to target victims' banking accounts and their log-in credentials. Maxtrilha has been especially active in Latin America and certain countries in Europe (notably Portugal). This malware has been observed being s
!secure is a piece of malicious software categorized as ransomware. It encrypts data (renders files inaccessible) and demands payment for the decryption (access recovery). Affected files are prepended with the cyber criminals' email address and a unique ID assigned to the victims, they are also a
Void68 blocks access to files (it encrypts them) and modifies their filenames. It appends the ".void" extension to the filename of every encrypted file. For example, it renames "1.jpg" to "1.jpg.void", "2.jpg" to "2.jpg.void". Void68 also changes the desktop wallpaper to an image containing a rans