Discovered by dnwls0719, Builder is a variant of Hakbit ransomware. This ransomware encrypts files, appends its extension to the filenames and creates ransom messages. Builder modifies encrypted files by appending the ".builder" extension to filenames. For example, it changes "1.jpg" to "1.jpg.bu
Tracker Package is a typical browser hijacker: it promotes a fake search engine (trackerpackage1tab.com) by changing browser settings and collects browsing data. Apps of this type are categorized as potentially unwanted applications (PUAs), since users often download and install them inadvertently
When visited, websites such as cicort[.]com open other rogue web pages or load dubious content. In any case, they cannot be trusted. People do not often visit these addresses intentionally - they are opened by potentially unwanted applications (PUAs) installed on browsers and/or operating systems.
Template Helper is a potentially unwanted application (PUA), a browser hijacker which changes certain browser settings to htemplatehelper.co. In this way, it promotes a fake search engine. Template Helper is categorized as PUA, since people often download and install browser hijackers unintentiona
There are many browser hijackers on the internet. Typically, they promote the addresses of fake search engines by changing browser settings and collecting browsing-related data. RecipeFox promotes recipefox.recipes in this manner. Generally, users download and install apps such as RecipeFox (brow
Email Access Here is a rogue app categorized as a browser hijacker. It is endorsed as a tool for quick and easy access to email accounts. This application modifies browser settings to promote hp.hemailaccesshere.com (or search.hemailaccesshere.com), a fake search engine. It also tracks and collec
Discovered by dnwls0719, .waiting is a malicious program categorized as ransomware. This malware encrypts files and demands payment for decryption. During the encryption process, the original filenames are appended with an extension consisting of a unique ID assigned to the victims and ".waiting"
GloboSearch is advertised as a tool which improves the browsing experience, however, this app promotes a fake search engine (globo-search.com) by changing certain browser settings. GloboSearch is therefore classified as a browser hijacker and also a potentially unwanted application (PUA), since us
Discovered by dnwls0719, Shadow Cryptor is malicious software classified as ransomware. It operates by encrypting data in order to demand payment for decryption. There is reason to believe that this variant of Shadow Cryptor is a test version, which is likely to be updated in future. During the e
OptimumSearch (search.optimum.icu) is a potentially unwanted application (PUA), a browser hijacker designed to promote search.optimum.icu (the address of a fake search engine) by changing browser settings and adding the "Managed by your organization" feature. It might also collect various data. B