"Attention 22 threats found" is a technical support scam run on deceptive websites. It makes claims that "22 threats" have been detected on the users' devices to trick them into calling a fake tech support line. No web page can detect threats/issues present on a visitor's system. Any that make su
Discovered by GrujaRS, xHIlEgqxx ransomware prevents victims from accessing and using their files by encryption with a strong encryption algorithm. It renames all encrypted files by appending the ".xHIlEgqxx" extension to filenames. For example, it would rename a file called "1.jpg" to "1.jpg.xHIl
Fantasic Movies hijacks browsers and promotes a fake search engine (fantasicmovies.com) by modifying the settings. Commonly, apps of this type change browser settings and gather data. People often download and install browser hijackers inadvertently and, for this reason, they are categorized as po
"ProtonMail email scam" refers to a spam campaign designed to hijack users' ProtonMail mail accounts. These messages claim that the recipient's email account has been suspended due to unspecified and unresolved errors, hence they risk losing access and suffering data deletion. The scam urges peop
Like most technical support scams, this one claims that the user's personal, sensitive information is stolen and the computer is infected with malware. Its main purpose is to trick unsuspecting people into calling scammers via the provided telephone number. Typically, scammers behind these decept
Discovered by dnwls0719, Geminis is a malicious program categorized as ransomware. Systems infected with this malware suffer data encryption and users receive ransom demands for decryption keys/software. When Geminis ransomware encrypts data, files are appended with the ".geminis3" extension. The
hesterinoc[.]info is one of many sites that redirect visitors to other untrusted websites or load dubious content. More examples of pages that function in this way are promodayz[.]com, overiesarticu[.]info and pushpush[.]net. Typically, these web pages are opened through dubious ads, rogue web pag
magnetdl[.]com is a torrent website which uses rogue advertising networks and might contain copyrighted content. Note that buttons within magnetdl[.]com can lead to other untrusted and potentially malicious websites, including illegal streaming web pages. Note that 'torrenting' (using torrent clie
Discovered by Amigo-A, GoCryptoLocker is malicious software classified as ransomware. Ransomware is designed to encrypt data and demand payments for decryption. When GoCryptoLocker encrypts, all affected files are appended with the ".GEnc" extension. For example, a file originally named something
History Hide is advertised as a privacy-focused app that keeps users' searches private. In fact, it changes browser settings to promote its associated search engine (historyhide.com) and might also gather browsing-related and other data. Apps of this type are classified as browser hijackers. Peop