LOCKED encrypts files (and renames them), changes desktop wallpaper, creates the "HOW TO DECRYPT FILES.txt" file, and displays a pop-up window. It renames files by appending the ".LOCKED" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.LOCKED", "2.jpg" to "2.jpg.LOCKED", and so o
Scammers behind this website attempt to trick visitors into believing that, if they complete a survey, they will receive a $500 Amazon gift card. Neither this nor other similar web pages are legitimate or trustworthy. Commonly, scammers behind these pages ask users to provide personal information
Locks encrypts data, modifies the filename of each encrypted file, and generates two ransom messages. It renames files by appending the ".locks" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.locks", "2.jpg" to "2.jpg.locks", and so on. Locks creates "HOW TO DECRYPT FILES.txt"
Funcy Web is classified as a browser hijacker because it promotes a fake search engine (quicknewtab.com) and directs users to it without their permission. It also collects browsing history details and possibly other data. Note that browser hijackers such as Funcy Web are not often installed by us
OperativeMachine is classified as adware because it generates advertisements. Note that it also functions as a browser hijacker, modifying browser settings to promote a fake search engine. Typically, users do not download or install apps such as OperativeMachine intentionally and, for this reas
Some internet scams invite people to send a specific Bitcoin sum to a provided wallet or via a QR code, and promise to return double the amount of cryptocurrency. People who trust these scams receive nothing in return and simply lose the cryptocurrency that they send. This giveaway scam is no dif
Babuk Locker is ransomware that creates the "How To Restore Your Files.txt" file (ransom message) in all folders that contain encrypted files and renames the files by appending the ".__NIST_K571__" extension. For example, "1.jpg" is renamed to "1.jpg.__NIST_K571__", "2.jpg" to "2.jpg.__NIST_K571__
GoSearch22 is a potentially unwanted application (PUA) that functions as adware and generates advertisements. It belongs to the family of adware-type apps called Pirrit. Apps such as GoSearch22 are often downloaded and installed by users intentionally, and are thus classified as 'potentially unw
Xenon is an information stealer, which can be purchased from hacker forums for USD$150 or $80 (depending on the subscription plan). This type of malware resides in an infected device, collects data and sends it to the attacker. Victims are often not aware of Xenon's presence until particular symp
Ziggy blocks access to files by encryption, renames each encrypted file, and creates the "## HOW TO DECRYPT ##.exe" executable file (ransom message) in all folders that contain encrypted files. This ransomware renames files by adding the victim's ID, lilmoon1@criptext.com email address, and appen