Most users do not open pages such as news-hot[.]xyz intentionally - they are opened by browsers that have potentially unwanted applications (PUAs) installed on them, through deceptive ads and other dubious pages. These apps are classified as PUAs, since they are commonly downloaded and installed
PROM is a malicious program classified as ransomware. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools. I.e., the files are rendered inaccessible and victims are asked to pay to recover access to their data. During the encryption p
Ransomware is a type of malware that cyber criminals use to block victims from accessing their files. It encrypts files and keeps them unusable/inaccessible until they are decrypted with a software key that the attackers encourage to purchase from them. Hard ransomware encrypts and renames files
Tag Search (or TagSearch) is a browser hijacker promoting the search-land.com fake search engine. Typically, software within this category promotes bogus search engines by making alterations to browser settings, however, Tag Search does not always modify browsers when promoting search-land.com (se
Direct Search Online is an application that hijacks browsers by changing certain settings to search.directsearchonline.com, the address of a fake search engine. In addition to changing browser settings, many browser hijackers gather browsing-related information. Most users download and install a
"BAPATOH OFFSHORE SDN BHD" refers to a spam email campaign, a large-scale operation during which thousands of deceptive emails are sent. The scam messages distributed through this campaign are presented as quotation requests. These emails promote a phishing website disguised as an Excel document
"Your Apple iPhone may be severely damaged by viruses!" is a scam promoted on untrusted websites. It operates by claiming that users' iPhones are infected and urges them to address the nonexistent issues. The goal is to trick users into downloading/installing and/or purchasing the endorsed prod
JacksBot (also known as jRAT) is the name of a Java-based Remote Access Trojan (RAT) that can be ported to run not only on Windows but also on macOS and Linux. Typically, cyber criminals distribute RATs to remotely monitor and control infected machines. Most of them use RATs to steal sensitive in
Amber is malicious software belonging to the Phobos ransomware family. This malware operates by encrypting data (locking files) to demand payment for decryption (access recovery). During the encryption process, affected files are renamed following this pattern: original filename, unique ID assign
Ransomware is a type of malicious software that prevents victims from accessing their files by encrypting them. Cyber criminals use malware of this type to extort money from their victims. They demand payment in exchange for a decryption tool. Enfp encrypts files and appends the ".enfp" extension