qikc.xyz is the address of a fake search engine that is opened through another dubious address (searchgg.xyz). Like most fake search engines, qikc.xyz is promoted through a browser hijacker. Two known apps that promote this address are called APP and CERX, which are related to another potentially
As its name suggests, the Fast Flight Tracker app allows flight tracking of aircraft, however, this software modifies browser settings and records browsing data. Applications that operate in this manner are called browser hijackers. Since people usually do not download or install apps such as Fas
Discovered by MalwareHunterTeam and further researched by James, CStealer is malicious software classified as a trojan. This malware is designed to steal passwords stored in Google Chrome browsers. Trojan infections are high-risk and can lead to a number of significant issues. Trojan-type
Dexphot is the name of a malicious program that infects systems with a cryptocurrency miner. It is capable of reinstalling a miner if an installed antivirus suite attempts to remove it. In summary, cyber criminals use resources of infected systems to mine cryptocurrency, which helps them to genera
My Login Helper is yet another rogue application that claims to allow users to access their emails. Its appearance suggests that My Login Helper is a legitimate and useful application, however, it is categorized as a potentially unwanted application (PUA) and a browser hijacker. The main reasons
CILLA is malicious software belonging to the GlobeImposter ransomware family. It operates by encrypting data and demanding ransom payments for decryption. During this process, all compromised files are renamed with the ".CILLA" extension. For example, a filename such as "1.jpg" becomes "1.jpg.CILL
Discovered by GrujaRS, WinRARER is malicious software that is classified as ransomware. This ransomware stores files in an .ace archive file named "YourFilesHere-0penWithWinrar.ace" and places it in the "C:\YOUR-locked-FILES\" directory. This file is password protected. To obtain the password, vi
Discovered by GrujaRS, KesLan is a malicious program categorized as ransomware. It is designed to encrypt data and demand a ransom payment for decryption (i.e., payment for decryption tools/software). There are several variants of this ransomware. During encryption, KesLan appends files with the "
vnse52.xyz is a fake search engine and promoted through a number of browser hijackers. One example is called APP. Browser hijackers are potentially unwanted applications (PUAs) that most people download and install inadvertently. In most cases, PUAs change browser settings and record browsing dat
Discovered by GrujaRS, NEMTY 2.2 REVENGE is an updated variant of NEMTY REVENGE 2.0 ransomware. This malware encrypts data and demands ransom payments for decryption. During this process, all files are appended with an extension consisting of ".NEMTY_" and a unique ID, generated individually for e