PETRONAS is a spam campaign that cyber criminals spread to infect recipients' computers with LokiBot, a trojan-type malicious program. They send emails with attached archive files (RAR) that contain malicious executables. Cyber criminals behind the PETRONAS spam campaign attempt to trick people in
The mpgun[.]com website allows users to download videos from YouTube and convert them to MP3 and MP4 formats. In fact, it is illegal to download videos from YouTube. Furthermore, mpgun[.]com employs rogue advertising networks. In summary, this website displays dubious advertisements and opens unt
Discovered by malware researcher Raby, Bhacks is a malicious program categorized as ransomware. It operates by encrypting data and demanding payment for decryption tools/software. During the encryption process, all affected files are renamed following this pattern: "Lock.", original filename, and
DRV is malicious software categorized as ransomware. It encrypts files, renames them and creates a ransom message. It renames encrypted files by appending the ".lasan" extension to their filenames. For example, "1.jpg" becomes "1.jpg.lasan", and so on. It also creates a ransom message in the form
srchpx.xyz is one of many fake search engines on the internet. Like most of them, this search engine is promoted through a potentially unwanted application (PUA), a browser hijacker. The name of the PUA that promotes srchpx.xyz is called SApp+. Typically, browser hijackers promote fake search eng
Bboo is malicious software, which is part of the Stop/Djvu ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption. When Bboo ransomware encrypts, all affected files are appended with the ".bboo" extension. For example, a fil
Discovered by GrujaRS, Hellomynameisransom is ransomware that belongs to a family of ransomware-type programs called MedusaLocker. Like most programs of this type, Hellomynameisransom renames encrypted files by appending an extension to filenames and provides instructions about how to contact cybe
Discovered by dnwls0719, SNTG is a malicious program belonging to the Matrix ransomware family. Systems infected with it have data encrypted and users receive ransom demands for decryption tools/software. During the encryption process, SNTG renames each file with the following pattern: "[SantaGma
ZYX belongs to the GlobeImposter family. This ransomware appends the ".{indus37098@india.com}ZYX" extension to the names of encrypted files. For example, "1.jpg" becomes "1.jpg.{indus37098@india.com}ZYX", and so on. Furthermore, this ransomware creates a ransom message within the "how_to_back_fil
0wnpr0m0[.]com is a deceptive/scam website. Its behavior varies, as does the material it displays. In general, it promotes dubious and possibly malicious content and generates redirects to likewise dangerous sites. It has been observed redirecting to a fake software update scam web page. These