Commonly, browsers open hevethat[.]online and similar sites due to potentially unwanted applications (PUAs) installed on them, or when users click deceptive ads or visit other untrusted websites. In any case, these web pages are not often visited by users intentionally. hevethat[.]online is an un
In most cases, ransomware encrypts files (renders them unusable) and generates ransom messages. Acrux not only encrypts but also renames files, appending the victim's ID, the decodeacrux@gmail.com email address, and ".Acrux" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.id[C27
AndroRAT is the name of a malicious program targeting Android operating systems on smartphones. It is classified as a Remote Access Trojan (RAT). Malware of this type is designed to enable stealthy remote access and control over an infected device. These Trojans have a wide variety of dangerous f
Ares is the name of a banking Trojan, a new variant of Kronos. Usually, malware of this type targets login credentials (e.g., usernames, email addresses, passwords), bank account numbers, credit card information, and other financial information. Research shows that Ares is designed to download an
MailRU is a malicious program, which is part of the Xorist ransomware family. It is designed to encrypt data (render files inaccessible/unusable) and demand payment for decryption (access recovery). When this ransomware encrypts, filenames of affected files are appended with the ".MailRU" extensi
Cactus Search is rogue software classified as a browser hijacker. It operates by promoting the cactus-search.com fake search engine through modification of browser settings. Furthermore, Cactus Search has data tracking capabilities, which are employed to monitor users' browsing habits. Since brow
essingto[.]online is similar to bemasx[.]com, mycoolnewz[.]com, private-message[.]live, and many other pages of this kind. Most display dubious content and promote other untrusted sites. Users do not often visit these rogue sites intentionally - they are opened by clicking deceptive advertisement
Discovered by malware researcher S!Ri, Wintenzz is a ransomware-type program. It operates by encrypting files (rendering them inaccessible) and demanding payment for the decryption (access recovery). During the encryption process, the filenames of affected files are appended with the ".wintenzz"
Ransomware is a form of malware that encrypts files (rendering them inaccessible). The attackers demand ransoms to restore access to victims' data. Siliconegun encrypts files and modifies their filenames by appending ".siliconegun@tutanota.com" as the file extension. For example, "1.jpg" is renam
bemasx[.]com is a rogue website sharing many similarities with mycoolnewz.com, private-message.live, yourdeliv.online, and thousands of others. Visitors to this page are presented with dubious content and/or are redirected to various untrusted or malicious sites. Web pages of this kind are seldom