Discovered by Jirehlov Solace, Scarabey prevents victims from accessing their files unless a ransom is paid. It encrypts files, changes their filenames and creates ransom messages. Scarabey renames encrypted files by changing the filenames to a string of random characters and appending the ".scarr
Discovered by dnwls0719, Sadogo encrypts files, changes filenames by appending the ".encrytped" extension (e.g., it renames "1.jpg" to "1.jpg.encrypted", and so on), and generates ransom messages within text files named "readme.txt". These ransom messages can be found in all folders that contain
AimSearch is designed to function as adware and a browser hijacker. It serves advertisements and promotes the address of a fake search engine. Typically, people download and install apps of this type inadvertently. Research shows that this particular app is often installed via a fake Adobe Flash
Lezp belongs to a ransomware family called Djvu. Like most other programs of this type, Lezp encrypts files, modifies their filenames and creates a ransom message. It renames encrypted files by appending the ".lezp" extension. For example, it changes "1.jpg" to "1.jpg.lezp", "2.jpg" to "2.jpg.lez
There are many websites claiming that a well-known company has chosen visitors to complete a survey and provide personal information to win a prize. This deceptive scam page claims that visitors have won the new iPhone 11 Pro. The main purpose of this scam is to trick unsuspecting visitors into
Maps & Directions by QuestForDirections is a browser hijacker designed to promote srchbar.com (a fake search engine) by modifying browser settings. It is very likely that this app also operates as an information tracking tool. Few users download and install browser hijackers intentionally and
Easy Email Plus is a browser hijacker which assigns certain browsers settings to easyemailplus.com (the address of a fake search engine). Easy Email Plus is distributed together with another potentially unwanted application (PUA) called Protect My Search App. These apps are categorized as PUAs, s
DisplaySuccess is a rogue app classified as adware. It operates by running intrusive ad campaigns, however, DisplaySuccess also possesses browser hijacker characteristics. It modifies browser settings and promotes Safe Finder through akamaihd.net (a fake search engine). Additionally, most adwar
Discovered by Jakub Kroustek, Love$ is a malicious program that belongs to a family of ransomware infections named Dharma. This ransomware renames encrypted files by adding the victim's ID, im.online@aol.com email address and appending the ".love$" extension to filenames. For example, it renames
.notfound is another version of Clown ransomware, which was discovered by Amigo-A. This ransomware renames all encrypted files and drops ransom messages in all folders that contain encrypted data. It renames files by using the "[Heeeh98@tutanota.com][id=victim's_ID]original_filename.notfound" patt