Discovered by Jakub Kroustek, Lxhlp is a malicious program belonging to the Dharma ransomware family. This malware operates by encrypting files and demanding payment for decryption. During the encryption process, all compromised files are renamed following this pattern: original filename, unique
The Mountains browser hijacker changes certain browser settings to mountainsext.store (the address of a fake search engine). Typically, apps of this type are designed to modify settings and collect various data. Browser hijackers are categorized as potentially unwanted applications (PUAs), since u
"Free up some memory urgently" is a scam run on deceptive websites. It promote the Kalox APP browser hijacker, however, the scheme might also promote different browser hijackers, adware and other Potentially Unwanted Applications (PUAs). This scam could potentially also promote malware (e.g. ranso
.support belongs to the MedusaLocker ransomware family and was discovered by Petrovic. It is designed to encrypt files, modify their filenames and create an HTML file named "Recovery_Instructions.html" (the ransom message). This ransomware places the ransom message in all folders that contain encr
My Smart Converter hijacks browsers by changing certain settings to mysmartconverter.com, the address of a fake search engine. It possible that this app will also record various browsing-related data. People do not often download or install browser hijackers intentionally and, for this reason, the
Cyber criminals behind this malspam campaign attempt to trick recipients into believing their office has been exposed to the coronavirus and reviewing (opening) the attached document. This email contains a malicious Microsoft Excel document causing installation on TrickBot, which is Trojan-type ma
Zida is malicious software belonging to the Djvu ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption tools. During the encryption process, all affected files are appended with the ".zida" extension. For example, a file o
Discovered by Jakub Kroustek, .HOW belongs to the Dharma ransomware family. This malware encrypts files, changes filenames, and generates ransom messages. It renames encrypted files by adding the victim's ID, how_decrypt@aol.com email address and appending the ".HOW" extension to filenames. For e
MyAudioTab is a browser hijacker designed by Mindspark Interactive Network. It supposedly provides quick access to various audio conversion tools. In fact, its main purpose is to promote hp.myway.com (the address of a fake search engine) by changing certain browser settings. Typically, apps of th
WastedLocker is a malicious program classified as ransomware. Systems infected with this malware suffer data encryption and users receive ransom demands for decryption. There are multiple variants of this ransomware. During the encryption process, WastedLocker renames affected files by appending