Yandex is the name of a ransomware-type program. It encrypts data (renders files unusable) and demands payment for the decryption. Affected files are appended with a ".yandex" extension. For example, a file named "1.jpg" would appear as "1.jpg.yandex", "2.jpg" as "2.jpg.yandex", etc. Once this pr
Acefarlessc[.]online uses a clickbait technique to get permission to show notifications and opens shady websites. It is promoted through untrustworthy advertisements, questionable pages, and (or) potentially unwanted applications (PUAs). Acefarlessc[.]online displays a message encouraging
Invert is the name of ransomware that encrypts files and appends the ".fun" extension to their filenames. For example, a file named "1.jpg" gets renamed to "1.jpg.fun", "2.jpg" to "2.jpg.fun", and so on. Invert displays a pop-up window as its ransom note. Screenshot of a message encouraging us
Numando is a banking trojan written in the Delphi programming language. As the malicious program's classification implies, it is designed to steal banking information. Numando primarily targets Brazil, with seldom campaigns occurring in Mexico and Spain. Numando operates by displaying over
Erewasnos[.]xyz displays a fake CAPTCHA to trick visitors into agreeing to receive notifications and opens other untrustworthy sites. Erewasnos[.]xyz is pretty similar to expensivesurvey[.]live, offersworld4u[.]online, onemacusa[.]com, and many more. Users do not visit websites of this type on pur
Spydr is the name of ransomware that is a variant of another ransomware called Babuk. Spydr encrypts files and provides a ransom note (creates the "RESTORE FILES.txt" file). It also renames encrypted files by appending the ".spydr" extension. For example, it renames "1.jpg" to "1.jpg.spydr", "2.jp
Expensivesurvey[.]live is an untrustworthy website sharing similarities with offersworld4u.online, dnsvibes.co, eneedande.online, othemyinetere.space, and many others. It operates by loading questionable content and/or redirecting visitors to various (likely unreliable or malicious) pages. Sites
Seismology Lab is supposed to provide information about earthquakes. It is known that this app displays advertisements. Thus, it is classified as adware (advertising-supported software). Also, Seismology Lab can read and change data on websites that users visit while this app is present. S
SportSearchNow is a browser hijacker promoting the sportsearchnow.com fake search engine. Since most users inadvertently download/install browser hijackers, they are also classified as PUAs (Potentially Unwanted Applications). SportSearchNow modifies browsers by assigning sportsearchnow.co
1337x[.]to is an untrusted Peer-to-Peer sharing website, which supposedly enables users to share various files (e.g. software, audio, video, etc.). The content is downloaded using magnet links and/or torrent files. The material shared on such websites often infringes copyright laws and is commonly