Kook is malicious software belonging to the Djvu ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools/software. During the encryption process, all compromised files are appended with the ".kook" extension. For exampl
Discovered by Marcelo Rivero, Tcprx is malicious software belonging to the Dharma ransomware family. It operates by encrypting data and demanding payment for decryption. During the encryption process, all affected files are renamed according to this pattern: original filename, unique ID, cyber cri
"IOS /MAC Defender Alert" is a technical support scam, promoted on deceptive websites. This scheme targets Apple product users and claims that their devices have been infected. To prevent any damage being caused to the device, users are encouraged to call "Apple technical Support". This is a sc
Docallisec is an adware-type application with browser hijacker traits. Following installation, it runs intrusive advertisement campaigns (i.e. delivers various unwanted ads), makes alterations to browser settings and promotes fake search engines. Most adware and browser hijackers have data track
ExpertLookupEngine is rogue software categorized as adware. This app also has browser hijacker traits. It operates by running intrusive advertisement campaigns, making modifications to browser settings and promoting fake search engines. It is highly likely that ExpertLookupEngine records browsin
This deceptive website is designed to promote another scam ("Norton subscription has expired today") and trick visitors into believing that their Mac computers are infected with viruses. It claims that, to remove the viruses, visitors must renew their antivirus software subscriptions. In fact,
SectionBrowser is an adware-type application with browser hijacker traits. Following successful installation, it operates by delivering intrusive advertisement campaigns, making modifications to browser settings and promoting fake search engines. SectionBrowser promotes Safe Finder via akamaihd.
![[Zfile@Tuta.Io] Ransomware](/images/thumbnails/th-large-18416-zfile-at-tuta-io-ransomware.jpg)
[Zfile@Tuta.Io] is a malicious program, which is part of the GlobeImposter ransomware family. It operates by encrypting files and demanding payment for decryption. During the encryption process, all affected files are appended with the ".[Zfile@Tuta.Io]" extension. For example, a file originally
SearchWebPortal is a rogue application classified as adware, which also has browser hijacker traits. Following successful infiltration, it operates by delivering intrusive advertisement campaigns, making modifications to browser settings and promoting fake search engines. Most adware and browse
Discovered by Karsten Hahn, FlyingShip ransomware is based on CryptoWire. It encrypts files using the AES-257 encryption algorithm and renames all encrypted files by inserting the ".flyingship" string into the filenames. For example, it would rename a file called "1.jpg" to "1.flyingship.jpg", "2.