Montana is a variant of LeakTheMall ransomware. This malicious program is designed to encrypt data and demand payment for decryption. During the encryption process, all affected files are appended with the ".montana" extension. For example, a file originally named something like "1.jpg" would appe
alltopposts[.]com and similar web pages should never be trusted. Typically, they are opened by browsers that have potentially unwanted applications (PUAs) installed on them, through deceptive ads, or other untrusted pages. In any case, users do not often open/visit these sites intentionally. Some
PDF Mighty is rogue software endorsed as a tool capable of converting files (e.g. Microsoft Office documents) into the PDF format, however, due to the dubious methods used to proliferate this application, it is classified as a Potentially Unwanted Application (PUA). One of the primary purposes of
FileConvertGiant is advertised as the most comprehensive file converter that works with a wide range of file types including various documents, archive files, spreadsheets, and audio and video files. In fact, this app is categorized as potentially unwanted application (PUA) because of the method t
Discovered by Amigo-A, LeakTheMall is a ransomware-type malicious program. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools. During the encryption process, files are appended with the ".crypt" extension. For example, a file origina
Discovered by xiaopao, Clay encrypts files and provides instructions about how to pay a ransom, contact the developers, and various other details. Unlike other malware of this type, Clay does not rename encrypted files or append any extension to the compromised filenames, however, it displays a ra
PromoteQueue is a rogue application classified as adware and also possessing browser hijacker traits. Following successful infiltration, PromoteQueue runs intrusive ad campaigns and makes modifications to browser settings to promote fake search engines. Most adware-type apps and browser hijacke
LiveSportSearch hijacks browsers by changing certain settings to livesportsearch.com (the address of a fake search engine). This browser hijacker also collects browsing-related information. Frequently, users download and install apps such as LiveSportSearch inadvertently and, therefore, they are c
TG33 is malicious software belonging to the Matrix ransomware family. It is designed to encrypt data and demand ransoms for decryption. During the encryption process, all affected files are renamed following this pattern: "[TomGate33@criptext.com].[random_string].TG33", which consists of the cybe
YUFL is designed to block access to files by encrypting them. It also changes the filenames and issues two ransom messages. It renames files by adding the victim's ID, the yourfiles1@tuta.io email address, and appending ".YUFL" to the extension. For example, "1.jpg" is renamed to "1.jpg.id-C279F2