Belonging to the Phobos malware family, Dever is a ransomware-type malicious program. Infected devices have their data encrypted and a ransom is demanded from the victims for decryption software/tools. When Dever encrypts files, it renames them according to the following pattern: unique ID, devel
"This is a VIRUS. You computer is blocked" is another technical support scam used by cyber criminals who claim to offer legitimate 'technical support'. They attempt to trick people into believing that their computers are infected/blocked and to make contact via the telephone number provided. Most
When visited, olaldo[.]com opens a number of untrustworthy, deceptive websites including those that attempt to trick people into installing unwanted, potentially malicious software, participate in fake lotteries, and so on. Typically, browsers open websites such as olaldo[.]com automatically when
Discovered by MalwareHunterTeam, BitPyLock is malicious software classified as ransomware. Infected systems have their data encrypted and receive ransom demands for decryption tools. When BitPyLock encrypts, affected files are renamed with the ".bitpy" extension. For example, a filename like "1.j
Kangaroo ransomware was discovered by S!Ri. Like other software of this type, Kangaroo encrypts data, appends its own extension to the filename of each encrypted file and creates ransom messages. This ransomware renames all encrypted files by appending the ".missing" extension. For example, "1.jp
Utilitool is a browser hijacker, which is promoted as a multi-purpose tool. It operates by modifying browsers and promoting feed.utilitooltech.com, a fake search engine. Additionally, it has data tracking capabilities, which it employs to gather browsing-related information. Due to the dubious me
Typically, people do not visit websites such as balanceformoon[.]com intentionally - browsers are often forced to open them by potentially unwanted applications (PUAs) installed on browsers or operating systems. There are many other websites similar to balanceformoon[.]com including, for example,
Discovered by malware researcher, S!Ri, Quimera is a malicious program classified as ransomware. This malware operates by encrypting the data of infected systems and demanding payment for decryption tools/software. Unlike most ransomware, Quimera does not rename files during encryption. After the
mediazone[.]mobi is a rogue website and should be avoided, however, many people arrive at this site inadvertently. Examples of similar web pages are toobotnews[.]biz, glagolinius[.]com and mayfootekvideo[.]com. Browsers usually open websites such as mediazone[.]mobi when potentially unwanted appli
There are two variants of Ako ransomware, however, the only difference between them is the way victims supposedly contact cyber criminals and pay the ransom. Both variants create a text file (containing a ransom message) named "ako-readme.txt". In one version of the ransom message, victims are in