Recoverydatas belongs to the Scarab ransomware family. Ransomware is a form of malware that encrypts and renames victims' files and generates ransom messages. Recoverydatas creates the "HOW TO RECOVER ENCRYPTED FILES.TXT" text file (ransom message) in all folders that contain encrypted files. It
Agho is a malicious program belonging to the Djvu ransomware family. It is designed to encrypt data and demand payment for decryption tools/software. During the encryption process, all affected files are appended with the ".agho" extension. For example, a file originally named something like "1.jp
UpdateDecrypter is malicious software classified as ransomware. Malware of this type typically encrypts the files of infected systems and/or locks the device's screen - criminals then demand ransoms for decryption tools and to restore access. UpdateDecrypter operates by encrypting data and changin
Discovered by Michael Gillespie, FUSION is a malicious program and part of the Nefilim ransomware family. This program is designed to rename encrypted files by adding the ".FUSION" extension. For example, "1.jpg" is renamed to "1.jpg.FUSION", "2.jpg" to "2.jpg.FUSION", and so on. It also creates
PDFSearchHD is a browser hijacker because it promotes a fake search engine (pdfsearchhd.com) by changing certain browser settings. It is also likely to collect browsing data. Note that browser hijackers are classified as potentially unwanted applications (PUAs), since users often download and inst
"POWERBALL OFFICIAL 2020 WINNINGS" is an email phishing spam campaign. The term "spam campaign" refers to a mass-scale operation, during which thousands of deceptive emails are sent. The messages distributed through the "POWERBALL OFFICIAL 2020 WINNINGS" spam campaign are disguised as official ma
Thcuhswza belongs to the Snatch ransomware family. It renames every file that it has encrypted and creates a ransom message in all folders that contain encrypted files. Thcuhswza renames files by appending the ".thcuhswza" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.thcuhswza
Search-Streamly promotes search-streamly.com, a fake search engine. Like most apps of this type, it achieves this by changing certain browser settings. Additionally, it might be designed to gather information relating to users' browsing activities and other details. Frequently, users download and
OperativeSync is an adware-type application with browser hijacker traits. Following successful installation, it runs intrusive advertisement campaigns and makes modifications to browser settings to promote bogus search engines. On Google Chrome browsers, OperativeSync promotes search.basicgenera
Acuff belongs to the Phobos ransomware family. Malware of this type is designed to encrypt data, rename each encrypted file, and generate ransom messages. This particular ransomware program renames encrypted files by adding the victim's ID, the unlockfiles2021@cock.li email address to filenames, a