"U.S Department of Labor" is yet another Coronavirus/COVID-19-themed spam email campaign. These messages are disguised as official notices from the "U.S. Department of Labor Wage and Hour Division", informing recipients of the latest changes made to the "Employee Request Form under the Family and
CovidWorldCry was discovered by nao_sec. Like most programs of this type, it prevents victims from accessing their files by encrypting them. It also renames all files by appending an extension and creates a ransom message. CovidWorldCry appends the ".corona-lock" extension to files. For example,
y2mate[.]guru allows users to download videos from YouTube, however, this is illegal practice. Furthermore, most websites such as y2mate[.]guru use rogue advertising networks - they contain dubious advertisements and/or redirect visitors to other dubious websites. Commonly, they open sites design
mybestsearch.net is the address of a fake search engine. These bogus tools typically offer improved search results and similar "useful" features. In fact, they are rarely able to provide valid search results or deliver any other value. Fake search engines are usually promoted by Potentially Unwant
Smashapps.net is the address of a fake search engine. Generally, these search engines are promoted by various browser hijackers. Research shows that one of the apps that promotes smashapps.net is called Suls APP. Typically, browser hijackers promote fake search engines by making certain changes to
Covm belongs to the Djvu ransomware family. It encrypts files, changes filenames and creates a ransom message. Covm renames files by appending the ".covm" extension to filenames. For example, it renames "1.jpg" to "1.jpg.covm", "2.jpg" to "2.jpg.covm", and so on. It creates a ransom message in a
My Horoscope Tab is a rogue app advertised as a tool for easy access to daily horoscopes and other astrological content. In fact, it operates by making modifications to browsers to promote hmyhoroscopetab.com (A bogus search engine). This application also has data tracking capabilities, which are
BANG is a malicious program belonging to the Dharma ransomware family. The discovery of this malware is credited to Jakub Kroustek. Following successful infiltration, BANG ransomware encrypts files in order to demand payment for decryption. During the encryption process, all affected files are re
DarkTrack is a malicious program classified as a Remote Access Trojan (RAT). This type of malware enables remote access and control over an infected device. The level of control these programs have varies, however, some can allow user-level manipulation of the affected machine. The functionalitie
SearchModule is an adware-type application with browser hijacker characteristics. Following successful infiltration, this app delivers various unwanted and dangerous advertisements, modifies browsers and promotes a fake search engine. Additionally, most adware and browser hijackers can record br