One of the most popular ways to distribute malware is to send emails that contain malicious attachments or website links. Once opened, malicious attachments (or files downloaded via website links) install malicious software. Typically, cyber criminals behind such emails claim to be from legitimat
Driver Magic is untrusted software, endorsed as a tool capable of detecting outdated/missing drivers and installing/updating them, however, due to the dubious techniques used to proliferate Driver Magic, it is classified as a Potentially Unwanted Application (PUA). As well as their legitimate app
goodmode[.]biz is an untrusted website designed to redirect visitors to other bogus/malicious pages and/or present them with dubious content. There are thousands of similar sites on the web including, for example, zvideo-live.com, fypretailo.top, and uploadhub.co. Visitors to rogue web pages rare
A ransomware attack is a type of malware attack in which the attacker (the ransomware) encrypts the victim's data and then demands payment to decrypt data. Usually, files are encrypted and renamed. Yulnedxmo renames files by appending the ".yulnedxmo" extension to filenames. For example, "1.jpg"
Ransomware is a type of malware that prevents victims from accessing their computers or the files that are stored on them. This is an updated version of Parasite ransomware. Paras1te blocks access to files by encryption. It also renames every encrypted file by appending the ".paras1te" to its fil
Micro is a malicious program, which is part of the CryptoWall ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption (the stored files are rendered inaccessible and renamed). When this ransomware encrypts, affected files are
Update-for-today[.]com is a deceptive website promoting various pop-up scams. At the time of research, this site ran a scheme targeting Android device users. The scam implies that the device's cleaning/protection software (essentially, the anti-virus tool) is outdated. Schemes of this type are co
Pages such as greenmode[.]biz are rogue: the content of these pages is deceptive and is used to promote other dubious web pages. Users are forced to visit pages such as greenmode[.]biz against their will. These pages are usually promoted through dubious advertisements, bogus websites or potentiall
Browser hijackers are potentially unwanted applications (PUAs) that modify browser settings to force users to visit certain websites (typically, to use fake search engines). PDFSearchly assigns browser settings to pdfsearchly.com. Apps of this type are classified as PUAs because most users downlo
The main purpose of TRU8 is to encrypt files (prevent victims from accessing their data) and keep them encrypted until a ransom is paid. This ransomware also modifies the filenames of all encrypted files and creates "!README_TRU8!.rtf" text files in folders that contain encrypted files. TRU8 rena