Crazy ransomware belongs to the VoidCrypt ransomware family. It blocks access to files by encryption, renames each encrypted file, and creates the "!INFO.HTA" file, which is designed to open a pop-up window containing a ransom message. Crazy renames files by adding the crazykillerusakk@hotmail.co
The Finding Pro browser hijacker promotes tailsearch.com, a fake search engine. Typically, apps of this type promote fake search engines by changing certain browser settings without users' permission, however, this is not always the case with this site (see below). Additionally, Finding Pro colle
Alfonso (also known as Al'fon$o) is an information stealer that cyber criminals sell on hacker forums. Typically, malware of this type targets credit card details, passwords (and other sensitive information), and runs stealthily in the system background. Alfonso stealer collects data such
In most cases, websites such as peachlandus[.]com display fake virus alert pop-ups stating that the visitor's device is infected, compromised, damaged, or harmed in some other way. In summary, they use deceptive methods to trick visitors into downloading and installing a potentially unwanted app
CryptPethya belongs to the family of ransomware called Xorist. It not only encrypts and renames victims' files, but also changes the desktop wallpaper and creates the "HOW TO DECRYPT FILES.txt" file in all folders that contain encrypted files. CryptPethya renames files by appending its name as th
As its domain name suggests, 4anime[.]to is a website offering an anime streaming service. There are two problems with this web page: 1) it is a pirate site that illegally distributes copyrighted content, and; 2) it uses rogue advertising networks (containing dubious ads). Neither 4anime[.]to nor
In most cases, phishing emails are sent by scammers who attempt to trick recipients into providing sensitive, personal information such as credit card details, login credentials (e.g., username, email address, password), social security numbers and other details. Most are disguised as official, im
NuggetPhantom is a modularized malware toolkit consisting of three types of modules for deployment, download, and function execution. It targets computers that contain the EternalBlue vulnerability. Research shows that NuggetPhantom is used for cryptohijacking and DDoS attacks. Typically,
CompellingState functions as adware and as a browser hijacker. It generates advertisements and modifies browser settings without users' permission. It is also likely to collect browsing-related (and other) information. Typically, users do not download or install these apps intentionally and, th
There are many scam websites designed to display fake virus alerts, pop-up windows that suggest that users' devices are infected. These websites often seem similar to official Apple pages and usually contain a "Remove Virus" button linking users to a supposed security application. In summary, t