Gac was discovered by Jakub Kroustek and belongs to the Dharma ransomware family. Gac renames encrypted files by adding the victim's ID, the getacrypt@tuta.io email address, and appending the ".gac" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.id-1E857D00.[getacrypt@tuta.io].
Cyberpunk 2077 is a 2020 action role-playing video game, one of the most anticipated games of the year that was released on 10 December 2020. Cyber criminals commonly exploit the popularity of games to distribute malware, and Cyberpunk 2077 is no exception. In this particular case, cyber criminal
Web pages such as aldiscret[.]online are usually opened by browsers automatically - when they have potentially unwanted applications (PUAs) installed on them. I.e., users do not often visit these bogus sites intentionally, and neither do they install (or even download) PUAs intentionally. There a
directsearchapp.com is a fake search engine which appears in browser settings after installation of a browser hijacker (browser hijacking extension). Commonly, apps of this type collect browsing-related and other information. In most cases, users download and install browser hijackers inadvertent
CoderWare (also known as BlackKingdom) is designed to encrypt victims' files, modify their filenames, and generate ransom messages. It renames encrypted files by appending ".DEMON" as the file extension. For example, "1.jpg" is renamed to "1.jpg.DEMON", "2.jpg" to "2.jpg.DEMON", and so on. CoderW
Omfl encrypts victims' files and renames each encrypted file by appending the ".omfl" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.omfl", "2.jpg" to "2.jpg.omfl", and so on. Omfl also creates the "_readme.txt" text file (a ransom message) in each folder that contains encrypted
21btc is a malicious program belonging to the Dharma ransomware family. It is designed to encrypt data and demand payment for decryption. During the encryption process, all affected files are renamed following this pattern: original filename, unique ID assigned to the victims, cyber criminals' ema
Web pages such as webquizspot[.]com are promoted by potentially unwanted applications (PUAs), which people install on their computers/browsers inadvertently. I.e., they do not often visit these sites intentionally. There are many websites that are similar to webquizspot[.]com including, for examp
VIAM is malicious software categorized as ransomware. Systems infected with this malware experience data encryption and users receive ransom demands for decryption tools. I.e., VIAM locks files, making them inaccessible and redundant to users. During the encryption process, files are appended wit
This ransomware was discovered by xiaopao. Rastar encrypts files and appends the ".rastar" extension to their filenames. For example, "1.jpg" is renamed to "1.jpg.rastar", "2.jpg" to "2.jpg.rastar", and so on. Rastar also creates a ransom message within the "HOW_TO_DECYPHER_FILES.txt" file, which