Belonging to the Snatch ransomware family, Uhofbgpgt encrypts files, modifies their filenames, and creates a ransom message. Uhofbgpgt renames encrypted files by appending the ".uhofbgpgt" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.uhofbgpgt", "2.jpg" to "2.jpg.uhofbgpgt", a
Discovered by Lukáš Zobal, DUSK 2 is an updated variant of Dusk ransomware. This malware is designed to encrypt data and demand payment for decryption. During the encryption process, all affected files are appended with the ".DUSK" extension. For example, a file named something like "1.jpg" would
security-update-required[.]com is a deceptive website running various scams. At the time of research, this web page promoted two different schemes. The scams promoted on this site primarily target iPhone users, yet it is often accessed via other Apple devices as well. One variant claims visitor
There are many examples of phishing emails, which scammers send to deceive unsuspecting recipients into providing sensitive information. Commonly, scammers disguise their emails as official messages from legitimate companies. In this particular case, they attempt to trick recipients into opening a
Pay2Key is ransomware written in the C++ programming language that encrypts files with AES and RSA cryptography algorithms. Research shows that cyber criminals behind Pay2Key target companies located in Israel, however, it might also be used to attack other companies. So far, cyber criminals have
"ERROR # 0xuaO-0x156m(3)" is a technical support scam. At the time of research, this scheme was promoted via the azurewebsites[.]net - Microsoft Azure website-hosting platform. In general, online scams are promoted on various deceptive web pages. The gist of tech support scams is claiming that us
IndexerInput is an adware-type application with browser hijacker traits. Following successful infiltration, this app runs intrusive advertisement campaigns and makes modifications to browser settings to promote fake search engines. On Safari browsers, IndexerInput promotes 6v5f3l.com, and on Goo
search.validplatform.com is a fake search engine. Typically, search engines of this kind are promoted via browser hijackers, which are adware-type apps. Note that search.validplatform.com is promoted via IndexerInput and other similar apps. These apps are categorized as potentially unwanted app
PyXie is a Remote Access Trojan (RAT). Typically, cyber criminals use RATs to remotely control infected computers and steal personal information, install additional malware, and for other malicious purposes. Some cyber criminals use PyXie to deliver ransomware. In any case, if there is any reason
CCC is a malicious program belonging to the GlobeImposter ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption tools. During the encryption process, all affected files are appended with the ".CCC" extension. For example,