Discovered by MalwareHunterTeam, REDROMAN is malicious software categorized as ransomware. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. During the encryption process, files are appended with the ".REDROMAN" extension. For example,
Generally, websites such as this one display a fake virus notification, stating that an iPhone (or other device) is infected with viruses, and encourage visitors to remove them immediately with a potentially unwanted application (PUA). In summary, these pages promote PUAs in a deceptive ways. T
Lisp is one of many ransomware-type programs that belong to the Djvu ransomware family. Like most malicious programs of this type, it encrypts and renames files, and creates a ransom message with instructions about how to contact the developers, pay the ransom, etc. Lisp renames files by appendin
WRTenets is rogue software and a browser hijacker, which promotes searchnets.xyz (a fake search engine). Typically, browser hijackers cause redirects to fake search engines by changing browser settings, however, WRTenets does always not operate in this manner. Additionally, this browser hijacker
OriginalSearchManager is designed to change specific browser settings (to promote search.locatorunit.com) and add the "Managed by your organization" feature on Google Chrome browsers. This app is also likely to gather browsing data. Generally, users do not download or install browser hijackers
1000-eur[.]cash is a rogue website designed to redirect visitors to other untrusted/malicious web pages and/or present them with dubious content. There are thousands of similar sites similar to 1000-eur[.]cash online including special-breaking.news, bigkick.biz, mylot.com and undertain.work to nam
Cvc belongs to the Dharma ransomware family and is designed to encrypt files, modify their filenames, display a pop-up window, and create a text file ("FILES ENCRYPTED.txt") that contains instructions about how to contact the developers. It renames all encrypted files by adding the victim's ID, p
Discovered by Emmanuel_ADC-Soft, Sfile is a malicious program that is classified as ransomware. It is designed to encrypt data, change filenames and demand payment for decryption. When Sfile malware encrypts, all affected files are appended with the ".BRN-qfp7mkc" extension. For example, a file n
Oksearch.org is an untrusted search engine. Microsoft Edge and Chrome users are often forced to visit this address when they click a search result generated by Google or Bing. After clicking on the Google/Bing result, users are redirected to oksearch.org, which then redirects to another website.
.google is a malicious program belonging to the Phobos ransomware family. Despite the name, this malware is in no way associated with the actual Google LLC. Systems infected this ransomware have their data encrypted and users receive ransom demands for decryption. During the encryption process, a