"IOS /MAC Defender Alert" is a technical support scam, promoted on deceptive websites. This scheme targets Apple product users and claims that their devices have been infected. To prevent any damage being caused to the device, users are encouraged to call "Apple technical Support". This is a sc
Docallisec is an adware-type application with browser hijacker traits. Following installation, it runs intrusive advertisement campaigns (i.e. delivers various unwanted ads), makes alterations to browser settings and promotes fake search engines. Most adware and browser hijackers have data track
ExpertLookupEngine is rogue software categorized as adware. This app also has browser hijacker traits. It operates by running intrusive advertisement campaigns, making modifications to browser settings and promoting fake search engines. It is highly likely that ExpertLookupEngine records browsin
This deceptive website is designed to promote another scam ("Norton subscription has expired today") and trick visitors into believing that their Mac computers are infected with viruses. It claims that, to remove the viruses, visitors must renew their antivirus software subscriptions. In fact,
SectionBrowser is an adware-type application with browser hijacker traits. Following successful installation, it operates by delivering intrusive advertisement campaigns, making modifications to browser settings and promoting fake search engines. SectionBrowser promotes Safe Finder via akamaihd.
![[Zfile@Tuta.Io] Ransomware](/images/thumbnails/th-large-18416-zfile-at-tuta-io-ransomware.jpg)
[Zfile@Tuta.Io] is a malicious program, which is part of the GlobeImposter ransomware family. It operates by encrypting files and demanding payment for decryption. During the encryption process, all affected files are appended with the ".[Zfile@Tuta.Io]" extension. For example, a file originally
SearchWebPortal is a rogue application classified as adware, which also has browser hijacker traits. Following successful infiltration, it operates by delivering intrusive advertisement campaigns, making modifications to browser settings and promoting fake search engines. Most adware and browse
Discovered by Karsten Hahn, FlyingShip ransomware is based on CryptoWire. It encrypts files using the AES-257 encryption algorithm and renames all encrypted files by inserting the ".flyingship" string into the filenames. For example, it would rename a file called "1.jpg" to "1.flyingship.jpg", "2.
"Secure Boot Violation" is a deceptive message displayed by screen-locking malicious software. Screenlockers prevent using the infected device (by locking its screen) and often present users with false information regarding the loss of access. "Secure Boot Violation" is no exception to this, and
ivpnconfig[.]com is a deceptive website that often tricks visitors into downloading and installing a potentially unwanted application (PUA). For example, a fake anti-virus tool, adware, or browser hijacker. In most cases, these sites are opened through other dubious websites, untrusted advertise