VASA LOCKER is designed to prevent victims from accessing or using their files by employing SHA256 hashing, ChaCha8 encryption, ECDH key generation, and an algorithm to encrypt files and secure its keys. VASA LOCKER also renames each encrypted file by appending the ".__NIST_K571__" extension to f
UpdaterSync is an adware-type app with browser hijacker traits. It operates by running intrusive advertisement campaigns (i.e., delivering ads) and making modifications to browsers to promote fake search engines. Due to the dubious methods used to proliferate UpdaterSync, it is also categorized
Cring encrypts files and appends the ".cring" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.cring", "2.jpg" to "2.jpg.cring", and so on. Cring also creates a ransom message within a text file named "!!!!deReadMe!!!.txt", dropoing this file into all folders that contain encrypt
Adware generates unwanted advertisements, however, ProcessBrand also functions as a browser hijacker, changing browser settings to promote a fake search engine address. It is likely that ProcessBrand also gathers browsing data and other information. These apps are often downloaded and installed
Websites such as aboutyoun[.]com are promoted via deceptive advertisements, other untrusted pages, and potentially unwanted applications (PUAs). I.e., users do not often visit them intentionally. Many web pages are similar to aboutyoun[.]com including, for example, datingbasedspot[.]com, captchato
TheVideoSearch browser hijacker promotes thevideosearch.com, the address of a fake search engine, by changing browser settings. It also collects browsing data. Typically, users download browser hijackers unintentionally and, for this reason, TheVideoSearch is categorized as a potentially unwanted
Sharing many similarities with captchatopsource.com, holanews.biz, yourwownews.com, and countless others, datingbasedspot[.]com is an untrusted website. It operates by presenting visitors with dubious content and redirecting them to other dubious and possibly malicious pages. Users rarely enter t
FireMovieSearch is a browser hijacker promoting firemoviesearch.com, a fake search engine. It operates by making modifications to browser settings, which result in redirects to firemoviesearch.com. It is likely that FireMovieSearch also has data tracking capabilities, which are employed to monito
Discovered by Emmanuel_ADC-Soft, XD Locker (also known as XD LOKER) ransomware prevents victims from accessing their files by encrypting them and keeps files inaccessible unless a ransom is paid. It also renames each encrypted file by replacing its filename with random digits and the ".XL" extens
AD&POP Block is rogue software, promoted as an online advertisement blocker. According to its promotional material, this browser extension is supposedly capable of blocking ads from more than fifty thousand sources - particularly on Google results and YouTube videos. Additionally, the tool pr