"Credit Card Refund" is a spam campaign designed to proliferate Dridex banking malware. These scam emails are presented as purchase/payment refunds. The attached Excel spreadsheet supposedly contains important information concerning this fake refund. Once opened, however, this malicious file start
InterfaceSample is an adware-type application with browser hijacker characteristics. It operates by running intrusive ad campaigns, modifying browsers and promoting fake search engines. This app promotes Safe Finder through akamaihd.net. Additionally, most adware infections and browser hijackers
UpdateSearch browser hijacker promotes update-search.com (the address of a fake search engine). Like most apps of this type, it achieves this by changing certain browser settings. UpdateSearch is also likely to collect information relating to users' browsing habits. People often download and inst
Game Searcher PRO is a browser hijacker, endorsed as a tool for easy access to various free online games. This software operates by making alterations to browser settings to promote search.gamesearcher.pro (a fake search engine). Game Searcher PRO also monitors users' browsing activity. Due to th
The GeneralCache app is designed to display ads, promote the Safe Finder website via akamaihd.net, and promote a fake search engine by changing certain browser settings. Generally, these apps also gather data. Therefore, GeneralCache operates as adware and a browser hijacker. People often downl
Stream hijacks browsers by changing settings to woosh.pro (the address of a fake search engine). It is also likely to collect various data. Generally, users download and install apps of this type inadvertently and, for this reason, they are categorized as potentially unwanted applications (PUAs).
pdfsrch.com is the address of a fake search engine. These bogus search tools are typically unable to provide unique results. They are promoted by Potentially Unwanted Applications (PUAs) classified as browser hijackers. Note that pdfsrch.com has been observed being promoted by the DoctoPDF, PDF O
Tituricsec is an adware-type application designed to serve advertisements and promote a fake search engine by changing certain browser settings. Therefore, it operates both as adware and a browser hijacker. Commonly, apps such as Tituricsec collect browsing-related (and other) data. Note that u
Black Claw (also known as BlackClaw) makes files inaccessible by encrypting them with AES and RSA encryption algorithms, renames every encrypted file, and generates two ransom messages. It renames files by adding the victim's ID (e.g., "hgcapmh02i") and appending the ".bclaw" extension to filename
Wbqczq is malicious software belonging to the Snatch ransomware family. This malware encrypts data and demands payment for decryption. During the encryption process, all affected files are appended with the ".wbqczq" extension. For example, a file originally named something like "1.jpg" would appe