Discovered by GrujaRS, TELEGRAM is a new variant of NEFILIM ransomware. Systems infected with this ransomware have their data encrypted and users receive ransom demands for decryption. During the encryption process, all affected files are appended with the ".TELEGRAM" extension. For example, a fi
SearchConverterz is a typical browser hijacker - it promotes a fake search engine by changing certain browser settings (in this case, assigning them to feed.searchconverterz.com). These apps also gather browsing-related information. Users often download and install browser hijackers inadvertently
Typically, malspam campaigns are disguised as legitimate and official in attempts to make them seem less suspicious. Cyber criminals send bogus emails to trick recipients into clicking the included link (thereby downloading and opening a malicious file) or simply opening/executing the attached fi
This untrusted website displays a deceptive notification stating that the computer is infected with viruses and attempts to scare users into downloading and installing potentially unwanted applications (PUAs). Typically, these web pages are opened when users visit other dubious websites, click bo
Cyber criminals behind this malspam campaign attempt to deceive recipients into believing that they have purchased a certain sum of Bitcoins and that opening the attached document supposedly contains more information about the purchase. In fact, the attached document is malicious and designed to i
Tabe is a malicious program belonging to the Djvu ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption tools/software. During the encryption process, all affected files are appended with the ".tabe" extension. For example
Discovered by Michael Gillespie, Usam is a malicious program that belongs to the Djvu ransomware family. Typically, malware of this type encrypts files, modifies their filenames and creates and/or displays a ransom message. Usam renames encrypted files by appending the ".usam" extension to their f
Discovered by Jakub Kroustek, R3f5s is a malicious program belonging to the Dharma ransomware family. This malware encrypts data in order to demand payment for decryption. During the encryption process, all affected files are renamed according to this pattern: original filename, unique ID, cyber c
Yogynicof is designed to encrypt files, change their filenames, and create a number of ransom messages. It renames all encrypted files by changing their names to a certain number (from zero to the total number of files). For example, if there are three files in a folder, it renames one file to "1"
UpgradeCoordinator is software classified as adware and also possessing browser hijacker traits. This application operates by running intrusive advertisement campaigns, modifying browser settings, and promoting fake search engines. UpgradeCoordinator promotes Safe Finder via search.adjustablesam