Discovered by Raby, Cyborg Builder is a malicious program categorized as ransomware and designed to encrypt the data of infected devices and then demand payment for decryption. During encryption, all files are renamed and duplicated. For example, a file such as "1.jpg" becomes "1.jpg.Indonesia" an
mainplaceupgradesfree[.]info is designed to deceive visitors into using a fake installer for a new Adobe Flash Player version. Typically, websites of this type download installers of various potentially unwanted applications (PUAs). For example, browser hijackers, adware or even malicious progra
Discovered by MalwareHunterTeam, AlbCry is based on another ransomware infection called Jigsaw. It encrypts files and renames them by appending the ".locked" extension to their filenames. For example, it renames a file called "sample.jpg" to "sample.jpg.locked", and so on. Furthermore, AlbaCry di
Discovered by malware researcher, S!Ri, SatanCryptor is a ransomware-type malicious program. It operates by encrypting data and demanding ransom payments for decryption. During the encryption process, all files are renamed with "#_THIS_FILE_IS_ENCRYPTED_", unique ID codes, the developer's email ad
Discovered by Xavier Mertens, Node.js is a ransomware-type malicious software. This malware encrypts the data of infected devices and demands payment for decryption. When Node.js encrypts, files are appended with the ".encrypted" extension. Therefore, a file such as "1.jpg" would appear as "1.jpg
Listentoyoutube[.]online allows users to convert videos uploaded on YouTube to MP3 files, and then to download them. It is illegal to download videos from YouTube. Furthermore, listentoyoutube[.]online uses rogue advertising networks - it redirects users to various untrustworthy, potentially mali
Discovered by Michael Gillespie, AWT is malicious software that shares many similarities with Snc ransomware. This malware is designed to encrypt data and demand payment for decryption tools/software. When AWT encrypts, all files are renamed with a unique ID, the developer's email address and the
add-to-browser[.]xyz is an untrustworthy website. There are countless rogue web pages on the internet which present visitors with dubious content and/or redirect them to other dubious and malicious sites including, for example, grabthemp3.com, thegoodcaster.com, and 27news.biz. Note that add-to-b
pointmp3[.]com is the address of a website which offers an illegal service: it allows users to download audio from YouTube by converting uploaded videos to MP3 format. This website also employs rogue advertising networks. People who use pointmp3[.]com are redirected to various other untrustworthy
Devil is a part of Phobos, a family of ransomware-type programs. It renames encrypted files by appending the victim's ID, developer's email address and ".devil" extension to filenames. For example, a file such as "1.jpg" is renamed to a filename such as "1.jpg.id[1E857D00-2574].[decrypt4data@proto