Porn ransomware is designed to encrypt files, append the ".porn" extension to their filenames, display a pop-up window, and create the "RECUPERAR__.porn.txt" file. Porn changes a file named "1.jpg" to "1.jpg.porn", "2.jpg" to "2.jpg.porn", and so on. The displayed pop-up window and created text fi
WebSearchStreams is a potentially unwanted application (PUA) that hijacks a browser by changing its settings. The main purpose of this application is to promote a fake search engine, the websearchstreams.com address. WebSearchStreams is a PUA because users often download and install apps of this t
Abc is part of the CryptoWall ransomware family. It encrypts files and appends the ".abc" extension to filenames (for example, it renames "1.jpg" to "1.jpg.abc", "2.jpg" to "2.jpg.abc". Abc creates three ransom notes: "RESTORE_FILES.TXT", "RESTORE_FILES.BMP" and "RESTORE_FILES.HTML". Screensho
"Unfortunately, there are some bad news for you" is the name of a sextortion spam campaign. The emails sent through this campaign claim that the sender has made a sexually explicit video featuring the recipient, and this recording will be publicized - unless the ransom demands are met. It must be
J4fsf is a ransomware-type program, which encrypts data and demands payment for the decryption. Affected files are appended with - ".[random_string].j4fsf extension", which consists of a random character string, and the ".j4fsf" extension. For example, a file like "1.jpg" would appear as something
SuccessAdvanced is a rogue application classified as adware. It also has browser hijacker qualities. What is more, since most users download/install apps of this type inadvertently, they are categorized as PUAs (Potentially Unwanted Applications) as well. Adware enables the placement of
Nomad is a malicious program that belongs to the Dharma ransomware family. It is designed to encrypt data (render files inaccessible) and demand ransoms for the decryption. Affected files are renamed following this pattern: initial filename, unique ID assigned to the victim, cyber criminals' emai
Centralheat[.]me is designed to trick visitors into allowing it to show notifications. It uses a clickbait technique for that. Also, centralheat[.]me is used to promote questionable websites. This page shares similarities with plenty of other pages, for example, fast-travel[.]org, joaglouwulin[.]c
Rigd is part of the Djvu ransomware family. This variant encrypts files and appends the ".rigd" extension to their filenames (for example, it changes "1.jpg" to "1.jpg.rigd", "2.jpg" to "2.jpg.rigd"). Instructions on how to contact the attackers and other details are provided in the "_readme.txt"
"Voicemail email scam" refers to a spam campaign - a mass-scale operation during which thousands of deceptive emails are sent. The letters distributed through this campaign - are disguised as notifications concerning a new voicemail. This spam mail aims to promote a phishing website designed to r