brkdown[.]com is a deceptive site running various scams. At the time of research, this web page has been observed promoting a variant of the "Your Apple iPhone is severely damaged" scheme. This scam states that multiple viruses have been detected on the user's device and pose a significant threa
privex-protection[.]com is an untrusted website that claims to have found an infection on the visitor's device and advises removal of it with a potentially unwanted application (PUA), which can be downloaded via a provided website link. Generally, users do not visit privex-protection[.]com or s
StreamBee promotes keysearchs.com, the address of a fake search engine. It can also read certain browsing data. Apps of this type (browser hijackers) are classified as potentially unwanted applications (PUAs), since, in most cases, users download and install them unintentionally. In most cas
Sophos is a malicious program belonging to the VoidCrypt ransomware family. It is likely that the name of this malware has been chosen with the intention of vilifying the British security software and hardware company (dealing in communication endpoint, encryption, network security, email and mobi
Konx is a malicious program, which is part of the VoidCrypt ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption tools. During the encryption process, files are renamed following this pattern: original filename, cyber cri
Shiton is a malicious program belonging to the VoidCrypt ransomware family. This software is designed to encrypt files, modify their filenames, and create ransom messages. Shiton renames encrypted files by adding the ad.decrypt01@gmail.com email address and victim's ID, and appending the ".shiton"
"WhatsApp email scam" refers to a spam email campaign. The term "spam campaign" is used to define a large-scale operation, during which thousands of deceptive/scam messages are sent. As the name implies, the emails distributed through this spam campaign are disguised as important notifications fro
Cyber criminals behind these malspam emails attempt to trick recipients into clicking a download link for a malicious file, and then opening the file, or executing the file attached to an email. The main purpose of these emails is to deceive recipients into infecting their computers with malicious
.help is a malicious program belonging to the Dharma ransomware family. Systems infected with .help (Dharma) experience data encryption and users receive ransom demands for decryption. During the encryption process, all compromised files are renamed following this pattern: original filename, uniq
Belonging to the Dharma ransomware family, Sss renames encrypted files by adding the victim's ID, m5b92n5p1@mail.com email address, and appending the ".sss" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.id-C279F237.[m5b92n5p1@mail.com].sss", "2.jpg" to "2.jpg.id-C279F237.[m5b92