Cheetah is a keylogger (keystroke logger), which is sold for $30/month, $65/three months, and $110/year. Software of this type records keys pressed on the keyboard (keyboard input). Typically, cyber criminals attempt to trick people installing keyloggers on their computers so that they can steal
Winprizes is a group of deceptive websites, which promote various scams. For example, these web pages have been observed promoting "Latest version of Adobe Flash Player" and "Dear Chrome User, Congratulations!" scams. Note that different schemes or other dubious content might also be accessed vi
Rxx is malicious software belonging to the Dharma ransomware family. This malware was discovered by Jakub Kroustek and operates by encrypting data in order to demand payment for decryption tools/software. During the encryption process, all compromised files are renamed according to the following
Research shows that cyber criminals behind PwndLocker ransomware target business networks and local governments. PwndLocker encrypts files with the RSA-2048 encryption algorithm and creates a ransom message within a text file named "H0w_T0_Rec0very_Files.txt", which can be found in folders that co
Deman is a malicious program belonging to the Everbe ransomware family. This malware operates by encrypting the data of infected systems so that ransom demands can be made for decryption. During the encryption process, the filename extensions of all affected files have "deman" added to them. For
qlopx.xyz is the address of a fake search engine promoted through a potentially unwanted application (PUA), a browser hijacker called SApp+ (or Smash App+). It is possible that other apps also promote qlopx.xyz. Generally, apps of this type promote the addresses of fake search engines by changing
Discovered by malware researcher Raby, Anon is a malicious program classified as ransomware. Systems infected with this malware suffer data encryption and users receive ransom demands for decryption. During the encryption process, all affected files are appended with the ".anon000" extension. For
MuchLove is a ransomware-type infection based on HiddenTear. It renames all encrypted files by appending the ".encrypted" extension to filenames. For example, it renames "1.jpg" to "1.jpg.encrypted", and so on. MuchLove also creates a ransom message within the "READ_IT.txt" file, which can be foun
Rezm is a ransomware-type program that belongs to the Djvu family. It encrypts files that are stored on the infected computer, renames them and creates a ransom message. This ransomware renames all files by appending the ".rezm" extension to filenames. For example, Rezm renames a file named "1.jp
Dewar is a malicious program belonging to the Phobos ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption. During the encryption process, all affected files are renamed according to the following pattern: original filename,