Cyber criminals behind this malspam campaign attempt to trick recipients into believing their office has been exposed to the coronavirus and reviewing (opening) the attached document. This email contains a malicious Microsoft Excel document causing installation on TrickBot, which is Trojan-type ma
Zida is malicious software belonging to the Djvu ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption tools. During the encryption process, all affected files are appended with the ".zida" extension. For example, a file o
Discovered by Jakub Kroustek, .HOW belongs to the Dharma ransomware family. This malware encrypts files, changes filenames, and generates ransom messages. It renames encrypted files by adding the victim's ID, how_decrypt@aol.com email address and appending the ".HOW" extension to filenames. For e
MyAudioTab is a browser hijacker designed by Mindspark Interactive Network. It supposedly provides quick access to various audio conversion tools. In fact, its main purpose is to promote hp.myway.com (the address of a fake search engine) by changing certain browser settings. Typically, apps of th
WastedLocker is a malicious program classified as ransomware. Systems infected with this malware suffer data encryption and users receive ransom demands for decryption. There are multiple variants of this ransomware. During the encryption process, WastedLocker renames affected files by appending
There are many browser hijackers designed by Mindspark, including MyDocsHere. This app hijacks browsers by assigning certain settings to hp.myway.com (the address of a fake search engine). It is possible that this app might also be capable of collecting various data. Typically, users do not downl
keysdigita[.]com is often visited by people unintentionally when they are opened by installed potentially unwanted applications (PUAs). When visited, the site opens a number of other bogus web pages or displays dubious content. There are many websites similar to keysdigita[.]com including, for exa
The My Email Checker app is supposedly designed to provide quick access to email service providers. In fact, its main purpose is to promote the hp.hmyemailchecker.co (or search.hmyemailchecker.co) address (a fake search engine) by changing certain browser settings. It might also be capable of col
XpertRAT is a Remote Administration Trojan, a malicious program that allows cyber criminals to remotely access and control infected computers. Typically, users download and install this software inadvertently because they are tricked. By having computers infected with malware such as XpertRAT, use
VenomRAT is a malicious program and a common malware infection presented as an innocuous Remote Access Tool (RAT). In fact, VenomRAT has multiple dangerous capabilities clearly designed with malicious purposes in mind - it is therefore also classified as a Remote Access Trojan. At the time of res