Discovered by xiaopao, .help is a malicious program that belongs to the VoidCrypt ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption tools/software. When .help (VoidCrypt) encrypts, all affected files are renamed follow
ettvdl[.]com is a torrent website which uses rogue advertising networks to promote various websites, including dubious ones. Commonly, websites such as ettvdl[.]com contain copyrighted content (movies, music, etc.). Torrenting is not illegal, however, the same cannot be said about downloading cop
WebDefence is advertised as software that improves browsing security and the overall browsing experience. In fact, it is an advertising-supported web browser based on Chromium (free and open-source software project from Google). Therefore, WebDefence is classified as adware. Note that, in most ca
GillCom is rogue software categorized as a browser hijacker. It operates by making changes to browser settings to promote fxsmash.xyz (a bogus search engine). In addition, GillCom has data tracking capabilities that are employed to monitor users' browsing habits. Due to the dubious methods used t
The main purpose of the IncognitoSearchNet browser hijacker is to force users to visit incognitosearchnet.com (a fake search engine). Like most apps of this type, it promotes the bogus address by modifying certain browser settings. IncognitoSearchNet also collects details relating to users' browsi
Global-support[.]space (apple.global-support[.]space) is a deceptive website designed to promote scams. At the time of research, this site ran a scheme targeting iPhone users, yet the web page might be accessed on other Apple devices as well. This scam claims that users' iPhones have been infec
Commonly, browsers open websites such as tutupdate29[.]com when they have potentially unwanted applications (PUAs) installed on them. I.e., users do not often visit these pages intentionally. Note tutupdate29[.]com (and similar sites) are also promoted via other dubious web pages and advertisement
UpgradeCommand is designed to serve ads (like most adware-type apps) and promote a fake search engine. Therefore, UpgradeCommand functions both as adware and a browser hijacker. It is also likely to gather information relating to users' browsing habits and other data. Users often download and i
rarbg[.]to is a P2P (Peer-to-Peer) sharing website, which allows users to share content via Torrent files. As well as infringing copyright laws, this site also employs rogue advertising networks. Therefore, visitors to this web page are redirected to various other dubious and possibly malicious we
Nusmash is a browser hijacker that promotes nusmash.com, the address of a fake search engine. Generally, apps of this type promote fake search engines by modifying certain browser settings. Additionally, they can gather various browsing-related information. Users often download and install browse