GuLoader (also known as CloudEyE) is a malware downloader used by cyber criminals to proliferate various Remote Access Trojans (RATs) and other Trojan-type programs. They use GuLoader to infect computers with malicious programs that can be used to steal sensitive information, infect computers with
ONION is a malicious program belonging to the Dharma ransomware family. It operates by encrypting data and demanding payment for decryption tools/software. During the encryption process, all affected files are renamed according to the following pattern: original filename, unique ID, cyber criminal
Discovered by Jakub Kroustek, IPM is a malicious program belonging to the Dharma ransomware family. It encrypts files and renames them by adding the victim's ID, decoding@qbmail.biz email address and appending the ".IPM" extension to filenames. For example, it changes a file named "1.jpg" to "1.j
Logic Search is a potentially unwanted application (PUA), a browser hijacker supposedly designed to improve the browsing experience (provide accurate search results and other features). In fact, it promotes a fake search engine (feed.logic-search.com) by changing browser settings and gathering var
"Increaseofprofit" is a group of deceptive websites, which promote various scams. They have been observed promoting "Dear Chrome User, Congratulations!" and "Latest version of Adobe Flash Player" schemes. Other scams might also be promoted via these sites. Few users access these deceptive web p
Megabonus-point is a family of untrusted web pages that attempt to deceive visitors into downloading and installing potentially unwanted applications (PUAs) or even malicious programs, providing personal information, and so on. You are strongly advised not to trust any Megabonus-point websites.
"Arabitol GLOBAL TRADING" is a deceptive email claiming that recipients need to confirm a "new order". This is a phishing scam designed to steal recipients' email credentials (i.e., log-ins and passwords) thereby allowing scammers to gain full control over the email account. This could potentially
nvo1d.xyz is the address of a fake search engine. Research shows that it is promoted through browser hijackers called SApp+ and Wisip, however, it is possible that other browser hijackers might also promote nvo1d.xyz. Generally, apps of this type promote such addresses by changing browser settings
Convert Your File Now is advertised as a tool allowing quick access to various file conversion tools, however, this app is a browser hijacker which promotes search.convertyourfiletab.com, the address of a fake search engine. Typically, browser hijackers promote such addresses by changing browser s
File Converter Pro is a rogue application supposedly providing easy access to file format conversion tools. In fact, it operates by modifying browsers to promote search.fileconverterprotab.net, a fake search engine. Additionally, it monitors users' browsing habits and collects personal information