Discovered by dnwls0719, Waldo is a malicious program classified as ransomware. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools/software. During the encryption process, filenames of affected files are typically appended with an ext
There are many fake search engines on the internet. In most cases, they are promoted through potentially unwanted applications (PUAs), browser hijackers. Note that vmos.xyz is the address of a fake search engine, which is promoted through PUAs named SApp+ and Ext Apps. It is possible that other b
belazyelephant[.]com opens various untrusted pages or loads dubious content. It functions in a similar way to many other rogue websites including, for example, go9news[.]biz, alisalis[.]com and exq-timepieces[.]com. These are often opened by potentially unwanted applications (PUAs) installed on th
alisalis[.]com is one of many rogue websites that load dubious content or redirect visitors to other untrusted web pages. Some examples of other pages similar to alisalis[.]com include go9news[.]biz, speakwithjohns[.]com and exq-timepieces[.]com. Browsers often open websites of this type when pote
Cyber criminals commonly attempt to spread malicious programs through files attached to their emails (spam campaigns). In summary, they send emails that are disguised as important, official and seek to deceive recipients into opening/executing the downloaded file. In this case, cyber criminals se
Npsk is one of many malicious programs that form part of the ransomware family called Djvu. This particular ransomware infection was discovered by Karsten Hahn and is designed to encrypt victims' files, modify filenames and create ransom messages. Npsk modifies encrypted files by appending the ".
PlugX is a Remote Access Trojan (RAT). Malware under this classification grants cyber criminals remote access and control over the infected device. PlugX Trojan has various capabilities, which can cause particularly serious issues. It has been observed targeting Afghan, American, Russian, Belorus
DataQuest is part of the AdLoad adware family. This application displays advertisements, promotes a fake search engine, and might also gather various information. In summary, this app operates as adware and a browser hijacker. Typically, users do not download or install apps of this type intenti
"Corona case" is a deceptive email designed to trick users into installing TrickBot malware. The message exploits the current social climate (i.e., the coranvirus pandemic). It claims that the attached document contains urgent information concerning the pandemic and recipients are tricked into ope
There are a number of variants of the Coronavirus spam campaign. Cyber criminals use it to deceive recipients into infecting their computers with malicious programs such as Agent Tesla, Emotet, LokiBot, Remcos, TrickBot, FormBook, Ave Maria, LimeRAT, CrimsonRAT, and other high-risk malware. They