Moncrypt was discovered by dnwls0719 and is part of the Scarab ransomware family. Typically, programs of this type encrypt data/files, rename encrypted files, and create and display ransom messages. Moncrypt renames all files by appending the ".moncrypt" extension to filenames. For example, it re
getalinkandshare[.]com is an untrusted website that downloads malicious files and redirects visitors to other deceptive, potentially malicious web pages. Note that getalinkandshare[.]com is used to trick visitors into downloading and opening files that might be designed to install browser hijack
Search by Live PDF Converter is a browser hijacker, which operates by modifying browsers to promote its associated fake search engine (feed.livepdfconverter.com). Furthermore, this app has data tracking capabilities, which are employed to monitor users' browsing habits. Due to its dubious prolife
"Windows Defender Security Center" is a fake error message displayed by various websites. Users visit often these sites inadvertently - they are redirected by potentially unwanted programs (PUPs) or intrusive advertisements delivered by other rogue sites. Research shows that many PUPs infiltrate
hecktasit.club is the address of a fake search engine and a website that, if accessed directly, opens nicetab.live, which is a download page of the NiceTab StartPage browser hijacker. Typically, fake search engines are promoted through rogue downloaders/installers that modify browser settings.
NiceTab StartPage is a browser hijacker, which is endorsed as a tool for customization of the browser homepage interface. These advertised features include various widgets (e.g. local time, current weather and forecasts, etc.), homepage wallpaper selection and so on. In fact, NiceTab StartPage
Takeprize is a family of untrusted, deceptive websites and a domain that, if visited, displays various lottery scams. At the time of research, takeprize loaded web pages that encouraged visitors to download an installer that distributes potentially unwanted apps (PUAs) including browser hijacker
Discovered by dnwls0719, PSAFE is malicious software belonging to the Matrix ransomware family. It is designed to encrypt the data of infected systems and demand ransom payments for decryption. During the encryption process, all affected files are renamed according to the following pattern: "[Safe
The Find A Flight Pro app is designed to provide quick access to flight information, however, it is actually classified as a potentially unwanted application (PUA), a browser hijacker. Apps of this type promote fake search engines by changing various browser settings. Find A Flight Pro promotes s
ENCRYPTED_RSA is a malicious program belonging to the CryptoLocker ransomware family. It operates by encrypting the data of infected systems and demanding payment for decryption tools/software. Additionally, it attempts to delete volume shadow copies. Volume Shadow Copy is a Windows service that