apple-online-guard[.]com is a scam website designed to target iPhone users, however, it might also be accessed by other Apple products. This deceptive site claims that visitors' devices are infected and recommends download/installation of a promoted application. No web page can detect threats/i
Like most ransomware-type programs, Gula is designed to deny access to data by encryption, rename all encrypted files, and provide victims with instructions about how to contact the developers (and other details) within a ransom message. It renames all files by appending the ".Gula" extension to f
The Government Forms Promos is classified as adware. It is promoted as a tool capable of providing access to tax, immigration, DMV and many other forms. Instead of delivering these features, The Government Forms Promos runs intrusive advertisement campaigns, which deliver a variety of undesirable,
Search Power+ is a potentially unwanted application (PUA), a browser hijacker. This rogue app hijacks browsers by assigning certain settings to searchpowerapp.com, the address of a fake search engine. PUAs often collect user-system information as well. Browser hijackers are categorized as PUAs, si
Eventbot is a banking Trojan which targets Android users. It attempts to steal sensitive information (such as credit card details, credentials) using overlay technique. It also abuses the Accessibility Service. Eventbot can be the reason behind serious privacy issues, monetary loss and other probl
Pekraut is malicious software classified as a Remote Access Trojan (RAT). This malware allows remote access and control over the infected device. RATs have a variety of capabilities and features, which enable a broad range of misuse. Pekraut Trojan has 27 commands, though at the time of research,
Mpaj is malicious software belonging to a family of ransomware infections called Djvu. The program is designed to encrypt victims' files, rename them by appending a specific extension, and create a ransom message. This ransomware renames all encrypted files by appending the ".mpaj" extension. For
Discovered by dnwls0719, Tilde is a malicious program and adware classified as ransomware. During the encryption process, all affected files are appended with the ".~~~~" extension. For example, a file originally named as something like "1.jpg" would appear as "1.jpg.~~~~" following encryption. O
Discovered by S!Ri, Random Ransom encrypts files, modifies their filenames and displays a pop-up window containing a message. Random Ransom changes encrypted files by appending the ".RANDOM" extension to filenames. For example, it renames "1.jpg" to "1.jpg.RANDOM", "2.jpg" to "2.jpg.RANDOM", and s
ActiveMulti is a rogue application with browser hijacker characteristics and classified as adware. It operates by delivering intrusive advertisements, altering browser settings and promoting fake search engines. This app promotes Safe Finder via the akamaihd.net website. Additionally, most adwa