ALVIN is a ransomware-type program. Systems infected suffer data encryption and users receive ransom demands for decryption. During the encryption process, all affected files are renamed following this pattern: "[rimon.argan@gmail.com][id=victim's_ID][original_filename].ALVIN", which consists of
Discovered by GrujaRS, Pizhon ransomware encrypt files, renames them, and provides instructions about how to contact the developers and various other details. Pizhon renames files by appending the ".pizhon" extension with a string of random characters. For example, "1.jpg" is renamed to "1.jpg.pi
the-best-push-news[.]com is promoted via dubious websites, deceptive advertisements, and potentially unwanted applications (PUAs). I.e., users do often not visit these websites intentionally. There are many other examples on the web including alltopposts[.]com, reightpainf[.]top and content4you[.]
Xdddd is malicious software and part of the Paradise ransomware group. Systems infected with this malware have their data encrypted, filenames altered, and users receive ransom demands for decryption tools. During the encryption process, files are renamed following this pattern: original filename
Commonly, phishing emails such as this example are used to trick recipients into providing sensitive information such as credit card details, login credentials (emails, usernames, passwords) or other details, which could be misused for malicious purposes. Generally, cyber criminals attempt to tri
Abaddon is a Remote Access Trojan (RAT) that receives commands via Discord. I.e., this RAT uses Discord as its Command and Control (C2) server. Additionally, Abaddon has a ransomware feature and could be used to execute commands to encrypt files. Therefore, cyber criminals might use this malware
Belonging to the Djvu ransomware family, Iiss encrypts files, modifies their filenames by appending its extension and creates a ransom message in all folders that contain encrypted files. It renames encrypted files by appending the ".iiss" extension to filenames. For example, "1.jpg" is renamed t
Take mytab is a browser hijacker. Following successful infiltration, this piece of rogue software changes browser settings to promote keysearchs.com (a fake search engine). Rogue search engines cannot provide unique results, and so they redirect to genuine sites. Where Take mytab redirects to dep
Like most browser hijackers, AllStreamSearch promotes a fake search engine. In this case, by changing certain browser settings to allstreamsearch.com. It also records data relating to users' browsing habits. Commonly, users download and install browser hijackers inadvertently and, therefore, apps
Discovered by xiaopao, _encrypted (RRansom) is a malicious program classified as ransomware. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. During the encryption process, files are appended with the "_encrypted" extension. For exampl