CoderWare (also known as BlackKingdom) is designed to encrypt victims' files, modify their filenames, and generate ransom messages. It renames encrypted files by appending ".DEMON" as the file extension. For example, "1.jpg" is renamed to "1.jpg.DEMON", "2.jpg" to "2.jpg.DEMON", and so on. CoderW
Omfl encrypts victims' files and renames each encrypted file by appending the ".omfl" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.omfl", "2.jpg" to "2.jpg.omfl", and so on. Omfl also creates the "_readme.txt" text file (a ransom message) in each folder that contains encrypted
21btc is a malicious program belonging to the Dharma ransomware family. It is designed to encrypt data and demand payment for decryption. During the encryption process, all affected files are renamed following this pattern: original filename, unique ID assigned to the victims, cyber criminals' ema
Web pages such as webquizspot[.]com are promoted by potentially unwanted applications (PUAs), which people install on their computers/browsers inadvertently. I.e., they do not often visit these sites intentionally. There are many websites that are similar to webquizspot[.]com including, for examp
VIAM is malicious software categorized as ransomware. Systems infected with this malware experience data encryption and users receive ransom demands for decryption tools. I.e., VIAM locks files, making them inaccessible and redundant to users. During the encryption process, files are appended wit
This ransomware was discovered by xiaopao. Rastar encrypts files and appends the ".rastar" extension to their filenames. For example, "1.jpg" is renamed to "1.jpg.rastar", "2.jpg" to "2.jpg.rastar", and so on. Rastar also creates a ransom message within the "HOW_TO_DECYPHER_FILES.txt" file, which
SearchConverterBox is a browser hijacker that modifies browser settings by assigning some of them to searchconverterbox.com. Like most apps of this type, it is likely that SearchConverterBox also collects information. Typically, users do not download or install browser hijackers intentionally and
Sharing many similarities with npolicito.online, roboverify.xyz, emindeed.top and thousands of others, enhesita[.]online is a rogue website. Visitors to this site are presented with dubious material and/or are redirected to other deceptive and possibly malicious websites. Typically, users access
Horizon is malicious software belonging to the Voidcrypt ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption tools. During the encryption process, files are renamed following this pattern: original filename, cyber crimina
"EniGaseLuce email virus" refers to a spam campaign, spreading the Ursnif trojan. The term "spam campaign" defines a mass-scale operation, during which thousands of deceptive emails are sent. The scam emails distributed through this campaign, claim that recipients have an unpaid bill for the servi