LANDSLIDE encrypts and renames files, and creates "#ReadThis.HTA" and "#ReadThis.TXT" files, which contain instructions about how to contact the developers. LANDSLIDE renames files by prepending the nataliaburduniuc96@gmail.com email address, victim's ID, and appending the ".LANDSLIDE" extension t
Cat is a malicious program, which is part of the Xorist ransomware family. Systems infected with this program suffer data encryption and users receive ransom demands for decryption. During the encryption process, all affected files are appended with the ".cat" extension. For example, a file origi
Typically, browser hijacking apps promote fake search engines by modifying certain browser settings. SysKey promotes fxsmash.xyz in this way. It can also read browsing history, and possibly other data. Commonly, users download and install browser hijackers inadvertently and, for this reason, they
Movie Tab is a browser hijacker designed to promote tailsearch.com (a bogus search engine). Browser hijackers usually operate by making modifications to browser settings to promote fake search engines (including tailsearch.com). In fact, Movie Tab does not always modify browsers in this way (see b
SkillFormat generates advertisements and promotes a fake search engine address, and thus functions as adware and a browser hijacker. Additionally, it is possible that SkillFormat gathers information relating to users' browsing habits and other data. This app is distributed via a deceptive instal
GLB is malicious software belonging to the Dharma ransomware family. It operates by encrypting data in order to demand payment for decryption. When this ransomware encrypts, all compromised files are renamed following this pattern: original filename, unique ID assigned to the victims, cyber crimin
Tsar belongs to the VoidCrypt ransomware family. It prevents victims from accessing their files by encryption, renames every encrypted file, and generates a ransom message. Tsar renames files by adding the decodetsar@gmail.com email address, victim's ID, and appending ".Tsar" as the file extension
Typically, apps that are classified as adware serve advertisements, however, this particular app promotes a fake search engine by making certain changes to browser settings. It might also collect data. In this way, SkilledObject functions both as adware and as a browser hijacker. SkilledObject
TakeMyFile is an untrusted application, which is endorsed as a tool that allows users to share files (e.g. apps, audio, documents, photographs, presentations, videos, etc.). Due to the dubious methods used to proliferate this app, it is classified as a Potentially Unwanted Application (PUA). Desp
LoveSportsSearch changes certain browser settings to lovesportssearch.com, the address of a fake search engine. It is also likely to collect browsing data and other information. Note that browser hijackers are categorized as potentially unwanted applications (PUAs), since, in most cases, users do