Discovered by GrujaRS, Suncrypt ransomware prevents victims from accessing files by encryption. It also renames all encrypted files and creates a ransom message. It renames encrypted files by appending a string of random characters as the new extension. For example, Suncrypt would rename a file c
FieldIndexer is classified as adware, since it feeds users with various advertisements. Commonly, apps of this type collect information relating to users' browsing habits, and this might also be the case with FieldIndexer. Additionally, it could be designed to promote a fake search engine (funct
StreamSaloon is a browser hijacker designed to change certain browser settings to the address a fake search engine (streamsaloon.com). Additionally, it might collect information relating to users' browsing activities. Generally, users download and install apps such as StreamSaloon (browser hijack
PublicBoardSearch is rogue software classified as adware. This app also has browser hijacker traits. PublicBoardSearch operates by delivering intrusive advertisement campaigns and making modifications to browsers to promote fake search engines. Additionally, most adware-type apps and browser hi
NW24 belongs to the Dharma ransomware family and was discovered by Jakub Kroustek. This ransomware encrypts files, renames them and provides victims with instructions about how to contact the developers. NW24 renames files by adding the victim's ID, newhelper24@protonmail.ch email address and appe
SearchConverters is a browser hijacker, which operates by making changes to browser settings to promote a fake search engine (search-converters.com). This software also monitors users' browsing habits. Additionally, due to the dubious techniques used to proliferate SearchConverters, it is classifi
StreamBeeSearch assigns certain browser settings to streambeesearch.com, the address of a fake search engine. Note that apps of this type often track information (collect various browsing-related data). Users often download and install browser hijackers inadvertently and, for this reason, they are
"Nico International Email Virus" refers to a spam email campaign designed to proliferate the Agent Tesla RAT (Remote Access Trojan). The term "spam campaign" is used to define a large-scale operation, during which thousands of deceptive emails are sent. The messages distributed through this spam
In most cases, cyber criminals behind malspam campaigns disguise their messages as official and important, and sent from legitimate companies and organizations. Their main goal is to trick recipients into opening a malicious file attached to the email (or that can be downloaded through a link in t
connection-protect[.]com is a deceptive website, which promotes various scams. It has been observed promoting schemes that target Apple product users, primarily mobile device users. At the time of research, the scam run on connection-protect[.]com claimed that visitors' devices may have been com