Lampion is a malicious program, a banking Trojan which cyber criminals proliferate by sending emails. The messages contain a link that downloads an archive file (ZIP) containing malicious files. Since Lampion is a banking Trojan, cyber criminals have designed it to steal information that can be us
Forms Guru is a rogue application, advertised as a tool for easy access to various forms. This Potentially Unwanted Application (PUA) operates as a browser hijacker. It changes certain browser settings to promote a fake search engine (search.formsgurutab.com). Additionally, most browser hijackers
The akamaihd.net web address is promoted through a potentially unwanted application (PUA), an app categorized as a browser hijacker. The name of this browser hijacker is unknown, however, research shows that it relates to another app of this type called Search Pulse. This is because akamaihd.ne
Discovered by Alex Svirid, Happy New Year is an updated variant of WannaCash ransomware. This malicious program operates by encrypting data and demanding ransom payments for decryption. During the encryption process, all files are renamed with the following pattern: assigned file number; "file enc
BDDY is a part of the Matrix ransomware family. It encrypts files and renames them using this pattern: "[Buddy@criptext.com].[random_string]-[random_string].BDDY". For example, "1.jpg" might become "[Buddy@criptext.com].xQ4uk8Vz-KAFJcwKX.BDDY", and so on. BDDY stores the "#BDDY_README#.rtf" ranso
nvux.xyz is the address of a fake search engine. Typically, these bogus sites are promoted by browser hijackers - Potentially Unwanted Applications (PUAs) that change certain browser settings. This fake search engine is promoted by a PUA called CERX, which is related to the QIP rogue app. Note th
theultimatesafevideoplayer[.]info is one of many deceptive websites that attempts to trick visitors into installing adware or other potentially unwanted applications (PUAs). This is achieved via an installer, which supposedly installs updates for Adobe Flash Player. These sites are usually open
Spelevo is the name of an exploit kit that abuses software vulnerabilities to infect systems with various malware. In this case, it triggers vulnerabilities in Internet Explorer browser and Adobe Flash Player, and redirects users to the lookatmyvideo[.]com (LookAtMyVideo) website, which is disguis
Online Safety is a browser hijacker developed by Safely. It is endorsed as a multi-purpose tool, which is supposedly designed to enhance the browsing experience. The advertised capabilities include real time alerts about visits to harmful websites, management of user data collected by sites and de
Very similar to searchmedia.online, feed.ebooks-club.com, feed.searchfrit.com, and many other sites, speedtestace.co is a fake search engine. Its developers claim that this search engine provides an enhanced browsing experience (fast and accurate searches, improved results, and so on), however, t