Discovered by dnwls0719, .waiting is a malicious program categorized as ransomware. This malware encrypts files and demands payment for decryption. During the encryption process, the original filenames are appended with an extension consisting of a unique ID assigned to the victims and ".waiting"
GloboSearch is advertised as a tool which improves the browsing experience, however, this app promotes a fake search engine (globo-search.com) by changing certain browser settings. GloboSearch is therefore classified as a browser hijacker and also a potentially unwanted application (PUA), since us
Discovered by dnwls0719, Shadow Cryptor is malicious software classified as ransomware. It operates by encrypting data in order to demand payment for decryption. There is reason to believe that this variant of Shadow Cryptor is a test version, which is likely to be updated in future. During the e
OptimumSearch (search.optimum.icu) is a potentially unwanted application (PUA), a browser hijacker designed to promote search.optimum.icu (the address of a fake search engine) by changing browser settings and adding the "Managed by your organization" feature. It might also collect various data. B
Discovered by dnwls0719, CrypTron is malicious software classified as ransomware and written in the Python programming language. Malware within this classification operates by encrypting data and demanding ransom payments for decryption. During the encryption process, all affected files are append
Many scammers are taking advantage of the coronavirus pandemic by sending various scams via email. These attempt to trick recipients into transferring money, clicking on malicious links, opening malicious attachments, etc. In this particular case, scammers seek to deceive recipients into transferr
Commonly distributed through fake Adobe Flash Player updates, LookupTool is a rogue application. It operates as adware by running intrusive advertisement campaigns. Additionally, it has browser hijacker characteristics, such as browser settings modification and fake search engine promotion. Mos
.iso (Phobos) is a malicious program belonging to the Phobos ransomware family. This malware encrypts data and demands payment for decryption. During the encryption process, files are renamed according to this pattern: original filename, unique ID assigned to the victims, cyber criminals' email a
SearchZone is a potentially unwanted application (PUA), a browser hijacker that assigns certain browser settings to feed.search-zone.com. In this way, it promotes a fake search engine (feed.search-zone.com) by forcing users to visit the site. It is also likely that SearchZone can access and recor
biosc.xyz is the address of a fake search engine, which is promoted through at least two browser hijackers called DISI APP and SApp+, Vitos APP. Generally, browser hijackers promote fake search engines by modifying browser settings. Additionally, apps of this type can often record data. Few users