Wanna Scream was discovered by S!Ri. This ransomware encrypts files, changes their filenames, creates a ransom message and displays another in a pop-up window. Wanna Scream renames all encrypted files by adding an email address (filemgr@tutanota.com), the victim's ID and appending the ".Wanna Scre
"Coloquei malware no site adulto" ("I put malware on the adult site") is an email scam targeting Portuguese users. The scheme uses the sextortion scam model to extort money from recipients through blackmailing them with threats to expose their sexual activity. The message claims that the user's d
piolo.xyz is the address of a fake search engine that is promoted through potentially unwanted applications (PUAs): browser hijackers called CERX and Dorss APP. It is also very likely that there are other apps of this type that promote this fake search engine. CERX is related to QIP (another brow
Pashka is malicious program categorized as ransomware. It is designed to encrypt the data of infected devices and demand payment for decryption tools. It is distributed via a hacked YouTube account called 'Noted'. YouTuber Noted has released a video, stating that his account account has been hacke
Identical to applesupportofficial.com, applecomsupport[.]com is a deceptive website that claims visitors' devices are infected and/or at risk. It advises them to contact a fake Apple support service - this 'service' actually leads to the designers of this scam. Most visits to applecomsupport[.]
As the name suggests, Daily Online Manuals supposedly provides various online manuals, however, this app is categorized as a browser hijacker and is designed to promote the address of a fake search engine (search.dailyonlinemanualstab.com) by changing browser settings. It also gathers details rel
Discovered by S!Ri, Roll Safe encrypts and renames victims' files, and displays a ransom message in a pop-up window. Roll Safe also renames encrypted files by appending the ".encrypted" extension to filenames. For example, "1.jpg" becomes "1.jpg.encrypted", and so on. Roll Safe displays a pop-
Part of the Phobos malware family, Bablo is a malicious program classified as ransomware. It operates by encrypting data and demanding ransom payments for decryption. During the encryption process, files are renamed with a unique ID, the developer's email address and the ".bablo" extension. For e
Converter King is a potentially unwanted application (PUA), a browser hijacker that supposedly operates as an online file converter. In fact, it promotes a fake search engine (search.converterkingtab.com) by changing browser settings and recording browsing data. In most cases, people download and
Discovered by Michael Gillett, "Cyber attack from Iran Government" is the title of an email scam that steals the log-in credentials of users' Microsoft accounts. This phishing scam claims that Microsoft servers have experienced a cyber attack, and therefore users' accounts have been locked to prot