Discovered by GrujaRS, Guesswho is a high-risk ransomware infection (potentially, a new variant of Rapid ransomware), which stealthily infiltrates computers and encrypts most stored data. In doing so, Guesswho renames each encrypted file to a random string and appends the ".guesswho" extension. F
Madek is a high-risk ransomware infection discovered by Michael Gillespie and belonging to Djvu, a family of ransomware-type infections. Immediately after infiltration, Madek compromises stored data by encryption, thereby rendering it unusable. In addition, Madek renames each file by adding the "
First discovered by Michael Gillespie and belonging to the Djvu ransomware family, Gehad is a high-risk infection designed to encrypt data and keep it in that state unless a ransom is paid. During encryption, Gehad appends each filename with the ".gehad" extension (hence its name). After successf
Extenbro is a trojan-type application designed to modify DNS system settings in the IPv4 protocol. Cyber criminals proliferate this malware using the "bundling" method, and thus Extenbro infiltrates computers during installation of other programs. The main purpose of Extenbro is to protect a
Hidden Bee (also known as Hidden Mellifera) is a trojan-type infection designed to mine cryptocurrency. Therefore, it diminishes system performance. This malware infiltrates computers without users' consent and research shows that cyber criminals proliferate Hidden Bee using the Popcash advertisin
First discovered by Jakub Kroustek, 1BTC is yet another variant of high-risk ransomware called Dharma. As with its predecessor, 1BTC encrypts most stored files and appends each filename with the victim's unique ID, developer's email address, and ".1BTC" extension. For example, "sample.jpg" might
First discovered by Michael Gillespie, V6cye is a ransomware-type infection that belongs to the Snatch ransomware family. This malware is designed to encrypt data and make ransom demands. During encryption, V6cye adds the ".v6cye" extension to each filename. Additionally, V6cye stores the "RESTORE
Discovered by Michael Gillespie, Berosuce is yet another ransomware infection from the Djvu family. As with other malware from this family, Berosuce encrypts most data stored on the system. It also appends filenames with the ".berosuce" extension (e.g., "sample.jpg" is renamed to "sample.jpg.beros
gloyah[.]net is related to adf.ly, a legitimate website that provides a URL-shortening service. The users of this service are paid for shortening URLs and promoting them, since each visitor is presented with a five-second advertisement before the target (website) is reached. Note that gloyah[.]net
Identical to Spotlight.app, Spaces (also known as Spaces.app) is a rogue adware-type application that promotes the searchbaron.com fake search engine. This application monitors web browsing activity and redirects users to searchbaron.com when they enter a search query. Spaces usually infiltrates