BKGHJ is a malicious program that belongs to the Makop ransomware group. Systems infected with this malware have their data encrypted, the filenames of affected files are altered, and victims receive ransom demands for decryption. During encryption, files are renamed following this pattern: origi
People do not often download or install the OriginalModule app intentionally, since its installer is disguised as the Adobe Flash Player installer. Therefore, OriginalModule is categorized as a potentially unwanted application (PUA). This app is designed to modify browser settings (to promote a
Sn0wsLogger is malicious software, which is classified as a stealer. The primary purpose of this type of malware is to steal various sensitive and confidential information. Stealers have various capabilities, enabling them to carry out this purpose, however, in addition to being a serious privacy
VASA LOCKER is designed to prevent victims from accessing or using their files by employing SHA256 hashing, ChaCha8 encryption, ECDH key generation, and an algorithm to encrypt files and secure its keys. VASA LOCKER also renames each encrypted file by appending the ".__NIST_K571__" extension to f
UpdaterSync is an adware-type app with browser hijacker traits. It operates by running intrusive advertisement campaigns (i.e., delivering ads) and making modifications to browsers to promote fake search engines. Due to the dubious methods used to proliferate UpdaterSync, it is also categorized
Cring encrypts files and appends the ".cring" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.cring", "2.jpg" to "2.jpg.cring", and so on. Cring also creates a ransom message within a text file named "!!!!deReadMe!!!.txt", dropoing this file into all folders that contain encrypt
Adware generates unwanted advertisements, however, ProcessBrand also functions as a browser hijacker, changing browser settings to promote a fake search engine address. It is likely that ProcessBrand also gathers browsing data and other information. These apps are often downloaded and installed
Websites such as aboutyoun[.]com are promoted via deceptive advertisements, other untrusted pages, and potentially unwanted applications (PUAs). I.e., users do not often visit them intentionally. Many web pages are similar to aboutyoun[.]com including, for example, datingbasedspot[.]com, captchato
TheVideoSearch browser hijacker promotes thevideosearch.com, the address of a fake search engine, by changing browser settings. It also collects browsing data. Typically, users download browser hijackers unintentionally and, for this reason, TheVideoSearch is categorized as a potentially unwanted
Sharing many similarities with captchatopsource.com, holanews.biz, yourwownews.com, and countless others, datingbasedspot[.]com is an untrusted website. It operates by presenting visitors with dubious content and redirecting them to other dubious and possibly malicious pages. Users rarely enter t