CreativeSearch is a potentially unwanted application (PUA) that operates as adware and a browser hijacker. It feeds users with various advertisements and changes browser settings so that people are forced to visit the address of a fake search engine. CreativeSearch might also be designed to coll
ElementaryDataSearch is a rogue application classified as adware and possessing browser hijacker characteristics. Following successful infiltration, this app delivers intrusive ad campaigns, modifies browser settings and promotes a bogus search engine. Adware and browser hijackers typically moni
WELL is one of many malicious programs that are part of the Dharma ransomware family. It encrypts data, changes the names of all encrypted files, displays a pop-up window containing a ransom message and creates another in a text file. WELL renames all encrypted files by adding the victim's ID, me
Frogo is malicious software belonging to the Amnesia ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools. During the encryption process, all affected files are renamed following a pattern consisting of a random strin
Like most malspam campaigns, this one is sent by cyber criminals who attempt to trick recipients into installing malware. In this particular case, the email is disguised as a message from South African Revenue Service (SARS). The main aim of the cyber criminals responsible is to deceive recipient
DualShot was discovered by S!Ri. This ransomware encrypts and renames files, and displays a ransom message in a pop-up window. DualShot renames encrypted files by appending the ".dsec" extension to filenames. For example, "1.jpg" would be renamed to "1.jpg.dsec", "2.jpg" to "2.jpg.dsec", and so on
"Cuerpo Nacional de Policía" is a scam email disguised as summons given due to an ongoing investigation by the National Police Corps (Cuerpo Nacional de Policía), the national civilian police force of Spain. This scheme employs scare tactics and claims that recipients are suspects in a bank fraud
MessengerHub is advertised as an instant messaging application, which includes a video chat feature. After installation, however, it starts to serve various advertisements. Therefore, MessengerHub is classified as adware. Note that users often download and install adware accidentally and, therefo
Coronavirus is a part of Scarab, a family of ransomware programs. It encrypts files and modifies their filenames, changes the desktop wallpaper and creates other ransom messages in text files, and disables Task Manager. Coronavirus renames files by appending the ".coronavirus" extension. For exam
The QuericsSearch browser hijacker promotes search.querics.net by changing certain browser settings. In this way, the app hijacks browsers to promote a fake search engine. Furthermore, this app adds the "Managed by your organization" feature to Google Chrome browsers and might also be designed to