Yourmonday is a set of deceptive websites (including competition1480.yourmonday67[.]live and play0273.yourmonday23[.]live) that promote potentially unwanted applications (PUAs). These sites deliver fake error messages stating that the system is infected/damaged and encourage visitors to downloa
Dodoc is a ransomware-type infection designed to encrypt most stored files, thereby rendering them unusable. This malware belongs to the Djvu ransomware family and was first discovered by Michael Gillespie. During encryption, Dodoc renames each file by adding the ".dodoc" extension (e.g., "sample
"Lo. Li. Pharma International Email Virus" is yet another spam email campaign used to spread malware. Cyber criminals send hundreds of thousands of emails containing deceptive messages that encourage recipients to open malicious attachments. At time of research, the distributed attachment was a Z
Discovered by GrujaRS, Hades666 is yet another variant of a high-risk ransomware called Maoloa. This malware is designed to encrypt most stored data so that developers can make ransom demands by offering paid recovery of files. During encryption, Hades666 renames each file by adding the ".Hades666
Discovered by Raby, Rabbit4444 is an updated variant of high-risk ransomware called Maoloa. The purpose of this ransomware is to encrypt data so that developers can make ransom demands by offering paid recovery of files. During encryption, this infection renames each file by appending the ".Rabbi
Discovered by malware researcher, Michael Gillespie, Todar is yet another ransomware-type infection that belongs to the Djvu malware family. This ransomware is designed to stealthily infiltrate computers and encrypt most stored files, thus rendering them unusable. In doing so, Todar appends each
First discovered by malware researcher, Michael Gillespie, Heran is one of many ransomware-type infections from the Djvu family. The purpose of Heran is to encrypt most stored files and keep them in that state unless a ransom is paid. During encryption, Heran appends each filename with the ".hera
First discovered by Michael Gillespie and belonging to the Djvu ransomware family, Lapoi is yet another ransomware-type infection that stealthily infiltrates computers and encrypts stored data. In doing so, Lapoi appends each filename with the ".lapoi" extension (e.g., "sample.jpg" becomes "sampl
Searchroute (an abbreviation for searchroute-1560352588.us-west-2.elb.amazonaws[.]com) is a website used by cyber criminals to promote the bing.com search engine in malicious ways. If you continually encounter redirects to Searchroute, your system is probably infected with adware-type applicatio
Lurk is yet another ransomware-type infection discovered by malware researcher, Petrovic. After successful infiltration, Lurk encrypts most stored files and renames them using the following pattern: "[random_string].original_extension.lurk". For example, "1.jpg" file might be renamed to a filename