cuteRansomware was discovered by S!Ri. This ransomware is designed to encrypt and rename files, and display a ransom message. It renames files by replacing their filenames with a string of random characters and appending ".jgy" as the extension. For example, "1.jpg" might be renamed to "GOJpAJhrOs
Users do not often visit pages such as kersatur[.]online intentionally - they are opened by potentially unwanted applications (PUAs) that are installed on browsers and/or operating systems, via dubious ads or various other bogus web pages. There are many websites similar to kersatur[.]online on th
Websites such as amazing-dating[.]com are commonly promoted via potentially unwanted applications (PUAs), which most users download and install on their browsers and/or computers inadvertently. I.e., they do not visit these bogus pages intentionally. More examples of similar websites designed for
Gac was discovered by Jakub Kroustek and belongs to the Dharma ransomware family. Gac renames encrypted files by adding the victim's ID, the getacrypt@tuta.io email address, and appending the ".gac" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.id-1E857D00.[getacrypt@tuta.io].
Cyberpunk 2077 is a 2020 action role-playing video game, one of the most anticipated games of the year that was released on 10 December 2020. Cyber criminals commonly exploit the popularity of games to distribute malware, and Cyberpunk 2077 is no exception. In this particular case, cyber criminal
Web pages such as aldiscret[.]online are usually opened by browsers automatically - when they have potentially unwanted applications (PUAs) installed on them. I.e., users do not often visit these bogus sites intentionally, and neither do they install (or even download) PUAs intentionally. There a
directsearchapp.com is a fake search engine which appears in browser settings after installation of a browser hijacker (browser hijacking extension). Commonly, apps of this type collect browsing-related and other information. In most cases, users download and install browser hijackers inadvertent
CoderWare (also known as BlackKingdom) is designed to encrypt victims' files, modify their filenames, and generate ransom messages. It renames encrypted files by appending ".DEMON" as the file extension. For example, "1.jpg" is renamed to "1.jpg.DEMON", "2.jpg" to "2.jpg.DEMON", and so on. CoderW
Omfl encrypts victims' files and renames each encrypted file by appending the ".omfl" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.omfl", "2.jpg" to "2.jpg.omfl", and so on. Omfl also creates the "_readme.txt" text file (a ransom message) in each folder that contains encrypted
21btc is a malicious program belonging to the Dharma ransomware family. It is designed to encrypt data and demand payment for decryption. During the encryption process, all affected files are renamed following this pattern: original filename, unique ID assigned to the victims, cyber criminals' ema