Devoe is a malicious program belonging to the Phobos ransomware family. This malware operates by encrypting data and demanding payment for decryption. During the encryption process, all compromised files are renamed following this pattern: original filename, unique ID assigned to the victims, cybe
My Office Tools is dubious software categorized as a browser hijacker. It operates by making modifications to browser settings to promote hmyofficetools.co (a fake search engine). Additionally, My Office Tools has data tracking capabilities, which are employed to monitor users' browsing habits. D
Discovered by xiaopao, YaKo is malicious software that belongs to the Xorist ransomware family. It is designed to encrypt data and demand payment for decryption. During the encryption process, all affected files are appended with the ".YaKo" extension. For example, a file originally named somethin
Discovered by xiaopao, MAKB is a malicious program belonging to the Scarab ransomware family. It renames the filenames of encrypted files to a string of random characters and appends the ".MAKB" extension. For example, it would rename "1.jpg" to "2g000000002o63SEiduTVesufmp7Ur50.MAKB", "2.jpg" to
Ambrosia is a part of the Scarab ransomware family and was discovered by xiaopao. Like most malicious programs of this type, Ambrosia encrypts files, modifies their filenames and creates a ransom message. It renames encrypted files by changing their filenames to a string of random characters and a
z6airr.com is a fake search engine. Rogue search tools such as z6airr.com are usually promoted by software classified as browser hijackers. They promote these search engines by making modifications to browser settings and restricting/denying access to them. Additionally, browser hijackers and b
Discovered by Jakub Kroustek, Xati belongs to a family of ransomware called Dharma. It encrypts files, modifies their filenames, displays a ransom message in a pop-up window and creates another in a text file called "FILES ENCRYPTED.txt". Xati renames files by adding the victim's ID, xatixxatix@ma
Photo Viewer Free, also known as PhotoViewerFree, is a rogue application. Following successful installation, it runs intrusive advertisement campaigns (i.e. delivers intrusive, unwanted and possibly harmful ads). Therefore, Photo Viewer Free is classified as adware. Additionally, most adware-ty
ConnectedAnalog is designed to operate as adware and a browser hijacker - it feeds users with ads and changes some of the browser's settings to an address of a fake search engine. Research shows that this app is designed to promote the 0yrvtrh.com address. Another problem with apps like Connect
AccessibleBoost is an adware-type application with browser hijacker traits. It runs intrusive advertisement campaigns, makes modifications to browser settings and promotes a fake search engine. AccessibleBoost promotes z6airr.com in this manner. AccessibleBoost monitors browsing activity - mos