Searchsnow.com is the address of a fake search engine. In most cases, these addresses/fake search engines are promoted through browser hijackers, which change certain browser settings. Browser hijacking apps can also collect browsing-related and other information. People often download and inst
Discovered by Jakub Kroustek, FRM is a malicious program belonging to the Dharma ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. During the encryption process, FRM ransomware renames affected files according to this
TypicalFraction is designed to promote the Safe Finder web page via akamaihd.net (the address of a fake search engine) by changing certain browser settings and feeding users with advertisements. Therefore, it is classified as an adware-type app, which has characteristics of a browser hijacker.
Like many other spam (malspam) campaigns, this one is disguised as an official message from a legitimate company and is sent to trick recipients into opening (executing) a malicious file. The file contains a malicious attachment, an archive file (ZIP), which contains another malicious file designe
NetGuideSearch is an adware-type application that has browser hijacker characteristics. This app runs intrusive ad campaigns and modifies browser settings to promote a fake search engine. Additionally, most adware infections and browser hijackers monitor users' browsing activity. Due to the dub
extrasafe[.]xyz is a deceptive website, the main purpose of which is to trick visitors into downloading and installing a potentially unwanted application (PUA). The app is apparently capable of removing viruses that this website has supposedly detected. Commonly, pages such as extrasafe[.]xyz a
SearchSeries is rogue software which modifies browser settings to promote search-series.com (a bogus search engine). Therefore, it is classified as a browser hijacker. Additionally, SearchSeries has data tracking capabilities, which are employed to gather browsing-related information. Since most
Discovered by Amigo-A, LickyAgent ransomware encrypts victims' files, modifies their filenames and creates ransom messages. It renames files by appending a random extension. For example, ".dMQDF" (it would then rename "1.jpg" to "1.jpg.dMQDF", "2.jpg" to "2.jpg.dMQDF", etc.). It also drops the "[
Zwer is malicious software belonging to the Djvu ransomware family. This malware is designed to encrypt the data of infected systems in order to demand ransoms for decryption tools. During the encryption process, files are appended with the ".zwer" extension. Therefore, a file named something lik
WCH was discovered by Jakub Kroustek. This malware belongs to the Dharma ransomware family. Like many other programs of this type, WCH is designed to encrypt files, modify their filenames and create a ransom message. It renames encrypted files by adding the victim's ID, wecanhelpu@tuta.io email ad