Discovered by xiaopao, TapPIF (also known as TapRiF and TAF.F) ransomware prevents victims from accessing their files by encryption, renames every encrypted file, creates a text file named "note.txt", and an executable file named "@Please_Read_Me@.exe" (ransom messages). It renames encrypted file
Discovered by MalwareHunterTeam, WinWord64 is a malicious program categorized as ransomware. This malware is designed to encrypt data and demand payment for decryption. During the encryption process, all affected files are appended with the ".encrypted" extension. For example, a file originally n
"Invoice Email Virus" (also known as "Outstanding Invoice Email Virus") is a malspam campaign used to proliferate a high-risk trojan called TrickBot. This campaign shares many similarities with a number of other spam campaigns, such as (for example), eFax, Important Documents IRS, and especially H
The MyPDFSearch browser hijacker promotes mypdf-search.com (the address of a fake search engine) by modifying certain browser settings. Commonly, apps of this type gather browsing-related (and other) information. Browser hijackers are categorized as potentially unwanted applications (PUAs), since
Track Your Package Now promotes trackyourpackagetab1.com (the address of a fake search engine) by modifying certain browser settings. This app also tracks and records information relating to users' browsing habits. Generally, users download and install browser hijackers inadvertently and, for thi
Dharma (.abc) belongs to the family of ransomware called Dharma. It encrypts files, changes their filenames, creates the "FILES ENCRYPTED.txt" text file and displays a pop-up window with instructions about how to contact cyber criminals behind it. Dharma (.abc) renames files by adding the victim'
As its name implies, Protect My Search App is endorsed as software capable of securing browsing and searching. It is supposedly able to identify safe websites and potential threats. Instead, Protect My Search App modifies browser settings and promotes protectmysearchapp.com (a fake search engine).
customsearch.info (and find.customsearch.info) is the address of a fake search engine. Rogue web searching tools are usually promoted by software categorized as browser hijackers. One browser hijacker observed promoting customsearch.info is simply named Custom Search. Software within this categor
The Global Weather Tab is a browser hijacker which changes certain browser settings to the-global-weather.com, the address of a fake search engine. Apps of this type often gather browsing-related information. Note that users often download and install browser hijackers such as The Global Weather
"Swedish Energy Agency Email Virus" refers to a spam campaign, which spreads the Agent Tesla RAT (Remote Access Trojan). The term "spam campaign" is used to define a mass-scale operation, during which thousands of deceptive emails are sent. The emails distributed through this spam campaign are dis