MarketService is an adware-type application with browser hijacker traits. Following successful installation, it delivers intrusive advertisement campaigns, makes modifications to browser settings and promotes fake search engines. MarketService promotes 6v5f3l.com on Safari browsers and search.lo
RedDelta is the name of a threat activity group targeting the Vatican and Catholic Church-related, and some non-governmental, organizations. Research shows that the group uses malware variants for their attacks, one of which is a modified variant of PlugX referred to as RedDelta PlugX. Other known
charmsearching.com is the address of a fake search engine. These bogus web search engines are usually promoted by Potentially Unwanted Applications (PUAs), classified as browser hijackers. This software operates by making modifications to browser settings to promote fake search tools (including ch
JB78 replaces the filenames of encrypted files with the jamesBaker78@criptext.com email address, a string of random characters. It also appends the ".JB78" extension to them. For example, "1.jpg" is renamed to "[JamesBaker78@criptext.com].y5ebua4u-oXnxuIWO.JB78", "2.jpg" to "[JamesBaker78@criptex
FG69 is a malicious program that belongs to the Matrix ransomware family. Like most of these programs, it encrypts files, renames them and creates a ransom message. FG69 renames files, replacing their filenames with the Adamfox69@criptext.com email address, a string or random characters, and appen
Websites such as service24[.]report often trick visitors into downloading and installing potentially unwanted applications (PUAs). In many cases, these web pages claim that the device is infected with viruses and offer to remove them with a specific app. Note that users do not often visit sites
hilanfavouris[.]top is a rogue web page sharing many similarities with a1-nerdhut.com, belighterservice.com, myfreshposts.com and thousands of others. Visitors to this site are presented with dubious content and/or are redirected to other untrusted or possibly malicious websites. Typically, users
Commonly, browsers are forced to open websites such as a1-nerdhut[.]com due to installed potentially unwanted applications (PUAs). I.e., users do not often visit these web pages or download/install PUAs intentionally. Note that most PUAs promote sites like a1-nerdhut[.]com, serve ads, and gather
Commonly, scammers behind phishing emails try to trick recipients into sharing personal information. Usually, their emails (or websites) demand usernames, passwords, bank account numbers, credit card details or other sensitive information. In this particular case, scammers use an email that appea
AnalyticParameter is an adware-type application with browser hijacker traits. Following successful installation, it runs intrusive advertisement campaigns and makes modifications to browser settings to promote fake search engines. AnalyticParameter promotes d2sri.com on Safari browsers and searc