search.gratziany[.]com is the address of a fake search engine. Typically, fake search engines are promoted through potentially unwanted applications (PUAs). I.e., through browser hijackers. Apps of this type promote addresses such as search.gratziany[.]com by changing certain browser settings.
InstallFlash-upgrade[.]com is a deceptive website running a fake Flash Player updater scam. Once accessed, the web page claims that visitors' Flash software might be outdated and recommends bogus updates. Note that fake software updaters are typically used to infiltrate untrusted (e.g. Potentiall
Displayed by various scam websites, "Latest version of Adobe Flash Player" is a deceptive message employed to trick visitors into using a fake Adobe Flash Player installer, which actually installs a potentially unwanted application (PUA) such as, for example, a browser hijacker or adware-type ap
Kristina (OnyxLocker) is a new variant of OnyxLocker ransomware discovered by S!Ri. It renames all encrypted files by appending the ".кристина" extension to filenames. For example, "1.jpg" would become "1.кристина". Furthermore, Kristina (OnyxLocker) creates multiple ransom messages within text f
Free Streaming Radio is a rogue application categorized as a browser hijacker. It is advertised as an app enabling users to quickly access various radio streaming services. Free Streaming Radio operates by modifying browsers to promote a fake search engine, search.freestreamingradiotab.com (altern
As its name suggests, the Search My Obituaries application apparently provides quick access to various ancestry, obituary websites, however, this app is categorized as a potentially unwanted application (PUA), a browser hijacker. It changes certain browser settings so that users are forced to visi
Sharing many similarities with GlobalAdviseSearch and ExploreSearchResults, TechLetterSearch is an adware-type application. This app is part of the AdLoad adware family and infiltrates systems under the guise of a Flash Player updater. TechLetterSearch operates by running intrusive advertisemen
Cuba (also known as COLDDRAW) was discovered by Raby and encrypts files, changes filenames by appending the ".cuba" extension, and creates the "!!FAQ for Decryption!!.txt" text file (ransom message). For example, "1.jpg" is renamed to "1.jpg.cuba", and so on. Typically, people who have computers
NEWS is a malicious program belonging to the Dharma ransomware family. It operates by encrypting the data of infected devices so that ransom demands can be made for decryption tools/software. When NEWS malware encrypts, all files are renamed according to the following pattern: original filename,
balanceforsun[.]com a rogue website that, if opened, redirects to untrusted websites or loads dubious content. Browsers commonly open pages such as balanceforsun[.]com due to installed potentially unwanted apps (PUAs) - people do not generally open them intentionally. PUAs cause redirects to dubi