BOMBO belongs to the Dharma ransomware family and was discovered by Petrovic. BOMBO ransomware encrypts files and renames them, displays a ransom message (in a pop-up window), and drops other ransom messages (text files) into folders that contain encrypted data. It renames encrypted files by addi
SearchToolHelper is a rogue app categorized as adware, which also has browser hijacker characteristics. Following successful infiltration, this application runs intrusive advertisement campaigns, modifies browser settings and promotes fake search engines. Most adware and browser hijacking apps
PrimaryIndexer is designed to serve advertisements, promote the Safe Finder website (by opening it through akamaihd.net) and change certain browser settings to the address of a fake search engine. In this way, the app functions as adware and a browser hijacker. Research shows that PrimaryIndexe
Easy Email Checker hijacks browsers by changing certain settings to easyemailcheck.co (the address of a fake search engine). It is likely that this app also collects information relating to users' browsing activities. Browser hijackers are categorized as potentially unwanted applications (PUAs), s
When visited, testyourlucky[.]com opens various other scam websites claiming that people have the chance to win a prize. These scam sites attempt to deceive visitors into entering personal information or even paying, for example, a shipping fee. Neither testyourlucky[.]com nor websites that are op
checkvd[.]com is an untrustworthy site sharing similarities with enerativearea.pro, oawhaursaith.com, globallyreinvation.com and countless other rogue web pages. It presents visitors with dubious content and/or redirects them to other malicious websites. Typically, checkvd[.]com and similar pages
Track Net Speed is a browser hijacker endorsed as an internet speed tracking tool. It operates by making alterations to browser settings to promote tracknetspeed.com (a bogus search engine). Track Net Speed also possesses data tracking capabilities, which are used to monitor users' browsing activi
1shownews[.]com is an untrustworthy website, sharing common traits with enerativearea.pro, oawhaursaith.com, globallyreinvation.com and countless others. Visitors to this site are presented with dubious material and/or are redirected to other rogue and malicious pages. These websites are rarely a
prudensearch.com is the address of a fake search engine supposedly designed to improve the browsing experience (generate accurate results, provide quick access to various popular pages, etc.). Generally, these search engines are promoted through potentially unwanted applications (PUAs) classifie
Discovered by malware researcher S!Ri, ZORAB is a malicious program classified as ransomware. Systems infected with this program experience data encryption and users receive ransom demands for decryption tools/software. During the encryption process, files are appended with the ".ZRB" extension.