Discovered by Jakub Kroustek, Felix is a malicious program belonging to the Dharma ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption. During the encryption process, all affected files are renamed according to this patte
As the title of this article suggests, Null belongs to a family of ransomware called Dharma. This particular ransomware was discovered by Jakub Kroustek. It is designed to change the name of every encrypted file by adding the victim's ID, nullcipher@cock.li email address and appending the ".null"
PhaseSearch is one of many applications that display various advertisements and collect details relating to browsing activities. Software of this type is called adware. People do not generally download or install adware intentionally - they are tricked into it. For this reason, PhaseSearch is kn
The Quick Mac Fixer application is supposedly capable of improving operating system performance. According to this software's promotional material, it can manage installed apps and remove unwanted files (e.g. unused, large, duplicate and junk files). Due to the dubious methods used to proliferat
GNS encrypts files, changes their filenames and provides victims with instructions about how to contact the developers. This ransomware renames files by adding the victim's ID, geniusid@protonmail.ch email address and appending the ".GNS" extension. For example, it would rename "1.jpg" to "1.jpg.
"System Activation KEY has expired" is a message displayed in a fake technical support scam, promoted by various deceptive websites. Visually this scheme mimics the appearance of the Blue Screen error displayed on Windows Operating Systems (OSs), specifically the graphics of these errors as they a
The Total Mac Fixer application is promoted as a tool capable of optimizing system operations by removing unwanted files, managing apps, and improving system start-up speed. Since most users download/install Total Mac Fixer inadvertently, it is classified as a Potentially Unwanted Application (P
DPS Websafe hijacks browsers by modifying certain browser settings (changing them to dpswebsafe.com, the address of a fake search engine). Users often download and install browser hijackers inadvertently and, for this reason, they are categorized as potentially unwanted applications (PUAs). Note
WebAdvancedSearch is an adware-type application with browser hijacker traits. It delivers intrusive advertisement campaigns and modifies browsers to promote fake search engines. Most adware type apps and browser hijackers have data tracking capabilities, which are used to monitor users' browsin
Typically, cyber criminals behind these spam campaigns send emails disguised as "official" and "important" to trick people into installing malicious software. In many cases, they succeed when recipients open/execute a malicious file (attachment), which then installs malware. In this particular c