Decme belongs to the VoidCrypt ransomware family. It is designed to encrypt victims' files, rename them by adding the files2021@tutanota.com email address and victim's ID, and appending the ".decme" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.[Files2021@tutanota.com][HXEFMGV
Generally, scammers behind phishing emails fraudulently attempt to obtain sensitive information such as usernames, passwords and other credentials, and credit card details, by disguising their emails as messages from legitimate companies, organizations, etc. This particular email is disguised as
GetVideoSearch is classified as a browser hijacker because it promotes a fake search engine (getvideosearch.com) by making changes to browser settings. Like most apps of this type, it also collects browsing data. Commonly, users download and install browser hijackers inadvertently and, therefore,
special-breaking[.]news is not often visited by users intentionally. Commonly, these web pages are promoted via potentially unwanted applications (PUAs), deceptive ads, and other dubious web pages. There are many websites similar to special-breaking[.]news including bigkick[.]biz, rchesasider[.]to
SWP is part of the Dharma ransomware family and was discovered by xiaopao. SWP encrypts files, modifies their filenames, and provides instructions about how to contact the developers (it displays a pop-up window and creates the "FILES ENCRYPTED.txt" text file). It renames files by adding the vict
The ExpertModuleSearch application is part of the AdLoad adware family. Research shows that it is distributed and installed through a fake Adobe Flash Player installer. ExpertModuleSearch is not the only unwanted app that is installed through this installer - another app named Safe Finder is als
PDFConverterSearchTool is a browser hijacker. This piece of rogue software operates by making modifications to browser settings to promote pdfconvertersearchtool.com (a fake search engine). PDFConverterSearchTool also has data tracking capabilities, which are used to monitor users' browsing habits
OnlineSportsSearch is rogue software categorized as a browser hijacker. Following successful infiltration, it makes alterations to browser settings to promote onlinesportssearch.com (a bogus search engine). Additionally, most browser hijackers have data tracking capabilities, which are employed to
Dulgtv belongs to the Snatch ransomware family. Typically, malware of this type is designed to encrypt victims' files, rename them, and generate a ransom message. Dulgtv appends the ".dulgtv" extension to the filenames of encrypted files. For example, "1.jpg" is renamed to "1.jpg.dulgtv", "2.jpg"
Caterpillar is malicious software and part of the Voidcrypt ransomware group. This malware operates by encrypting files and demanding payment for decryption tools. During the encryption process, all affected files are renamed following this pattern: original filename, cyber criminals' email addres