Discovered by Jakub Kroustek, Love$ is a malicious program that belongs to a family of ransomware infections named Dharma. This ransomware renames encrypted files by adding the victim's ID, im.online@aol.com email address and appending the ".love$" extension to filenames. For example, it renames
.notfound is another version of Clown ransomware, which was discovered by Amigo-A. This ransomware renames all encrypted files and drops ransom messages in all folders that contain encrypted data. It renames files by using the "[Heeeh98@tutanota.com][id=victim's_ID]original_filename.notfound" patt
Free Maps World Promos is software categorized as adware and endorsed as a tool for easy access to maps and routes. In fact, it runs intrusive advertisement campaigns. This enables placement of various ads on any visited web page. Additionally, it has data tracking capabilities, which are used to
In most cases, people download and install adware such as CoordinatorMedia inadvertently. Therefore, apps of this type are categorized as potentially unwanted applications (PUAs). This particular app feeds users with advertisements and promotes Safe Finder by opening its associated address via a
When visited, overiesarticu[.]info leads visitors to other rogue websites or loads dubious content. There are many similar rogue websites on the internet. Some examples are alisalis[.]com, speakwithjohns[.]com and exq-timepieces[.]com. These pages are usually opened via other sites of this kind,
Locate Your Package is advertised as an app which allows users to track their packages in real time. In fact, this app is a browser hijacker designed to promote a fake search engine by assigning certain browser settings to locateyourpackagetab.com (another variant of this browser hijacker promotes
Local Weather Alerts is advertised as an app that allows people to check weather forecasts. In fact, it promotes hlocalweatheralerts.co (the address of a fake search engine) by changing browser settings and gathers browsing-related data. Local Weather Alerts is a browser hijacker, a potentially un
SearchVirtualInfo is an adware-type application that enables placement of intrusive ads on any visited website. Additionally, this app modifies browsers to promote fake search engines - behavior common to software classified as browser hijackers. Most adware programs and browser hijackers have d
greacore[.]com is a scam website, which makes deceptive claims to promote dubious applications. It states that users' iPhones have been damaged by two viruses and, to remove them, they must download and install a recommended app. These schemes are commonly used to distribute fake anti-virus too
"(3) Viruses has been detected" is a scam run on various deceptive web pages. It claims that threats have been detected on the device and recommends an untrusted piece of software to remove the fake viruses. This scheme targets iPhone users; however, it might also be accessed through other Apple