GlUTe is malicious software, which is part of the Xorist ransomware family. It is designed to encrypt the data of infected systems in order to demand ransom payments for decryption tools. During the encryption process, all affected files are appended with the ".GlUTe" extension. For example, a fi
Plenty O' Apps assigns certain browser settings to hplentyoapps.com in order to promote this fake search engine. Browser hijackers often gather data relating to users' browsing activity, and this might also be the case with Plenty O' Apps. Since users do not often download or install browser hija
"Chorus Union" is the name of a malicious spam campaign designed to distribute Dridex banking malware. The scam emails sent through this spam campaign are disguised as impending invoices from "Chorus Union". These messages are intended to trick recipients into clicking the link presented within th
As its name suggests, Smart Searching Tab is an app designed to improve the browsing experience, however, it is actually designed to promote hsmartsearching.net (the address of a fake search engine) and collect browsing data. I.e., Smart Searching Tab is a browser hijacker designed to promote a fa
StockCommon is an adware-type application, which serves various advertisements via the user interface. Additionally, it is designed to promote the Safe Finder website through another dubious web address (akamaihd.net). Commonly, apps of this type not only serve ads but also collect information r
HimeraLoader is a malicious program used by cyber criminals who seek to infect computers with other programs of this kind (e.g., ransomware, remote access Trojans). Research shows that it was available for purchase on hacker forums at a cost of 700 rubles. Typically, cyber criminals attempt to in
Sharing many similarities with behavingsoping.club, superinterestinginfo.info, redbearmobilecuisine.com and thousands of others, thenickelpress[.]com is a rogue website. Visitors to this site are presented with dubious content and/or are redirected to other untrusted or malicious web pages. Most
SkilledEntry is a rogue application classified as adware. It runs intrusive advertisement campaigns, delivering various unwanted and harmful ads. Additionally, SkilledEntry shares traits with browser hijackers, such as browser settings modification to promote rogue search engines. This applicat
"System Warning Alert" is a technical support scam claiming that users' devices have been infected with spyware and other viruses. This scheme urges people to immediately contact 'tech support' by calling a supposedly toll-free telephone number. Note that no web page can detect threats or issues p
Discovered by MalwareHunterTeam, Dodged ransomware encrypts victims' files, changes filenames, disables Task Manager and displays a pop-up window containing the ransom message. Dodged renames encrypted files by appending the ".dodged" extension to filenames. For example, it renames "1.jpg" to "1.j