Youlittmeet is a family of deceptive web pages. In most cases, such families include web pages designed to advertise potentially unwanted applications (PUAs) like browser hijackers, adware-type applications. Some might be malicious and used to spread rogue programs such as Trojans and ransomware
Protect (Hydra) encrypts files, changes the filenames, and creates a ransom message. It renames all encrypted files by appending the ".protect" extension to filenames. For example, "1.jpg" becomes "1.jpg.protect", "2.jpg" to "2.jpg.protect", and so on. Instructions about how to contact the cyber
Discovered by dnwls0719, Wanna Decrypt0r 4.0 emulates WannaCry malware and is a malicious program belonging to the Jigsaw ransomware family. This ransomware encrypts the data of infected systems and makes ransom demands for decryption. During the encryption process, all files are appended with the
DisplayProgram supposedly improves the browsing experience, however, it simply generates revenue for the developers by serving advertisements. DisplayProgram is adware and also classified as a potentially unwanted application (PUA), since people often download and install it unintentionally. No
maroceffects[.]com is the address of a rogue web page which, when visited, redirects to other untrusted web pages or loads dubious content. There are many websites similar to maroceffects[.]com on the internet. Some examples are basenews7[.]com, topflownews[.]com and allow-space[.]com. Generally,
Shipment Trackers supposedly allows users to track their packages, and provides quick links to various shopping and social media sites. In fact, this app is a potentially unwanted application (PUA), a browser hijacker that promotes the hp.hshipmentrackers.com and search.hshipmentrackers.com addres
Discovered by JAMESWT, Math is a malicious program belonging to the Jigsaw ransomware family. It is designed to encrypt (lock) files, change their filenames and display a ransom message in a pop-up window. Math renames encrypted files by appending the ".math" extension to filenames. For example, "
Stompriln is a group of deceptive websites that run various scams. Web pages belonging to this group have been observed promoting the "Dear Safari User, You Are Today's Lucky Visitor" phishing scheme, however, other scams might also be promoted on these sites. Few users access these websites in
Oski is a malicious program which operates as an information stealer. After infiltration, Oski attempts to access personal, sensitive information so that the cyber criminals responsible can misuse it to generate revenue in various ways. Research shows that this information stealer is distributed t
DynamicExtra is an adware-type application with browser hijacker characteristics. It operates by running intrusive advertisement campaigns, modifying browsers and promoting fake search engines. DynamicExtra promotes the Safe Finder web search tool by opening it through akamaihd.net. Most apps o