Discovered by Michael Gillespie, Recry1 is high-risk ransomware designed to stealthily infiltrate computers and compromise (encrypt) stored files. Additionally, Recry1 appends filenames with the ".recry1" extension (e.g., "sample.jpg" is renamed to "sample.jpg.recry1"). Encrypted data immediately
Berost's developers use this ransomware to encrypt victims' data and block access to it until ransoms are paid. This malicious program belongs to the Djvu ransomware family. It places a ransom message (within the "_readme.txt" text file) in all folders that contain encrypted files. Encrypted files
searchnewworld.com is a dubious website, a fake search engine that opens bing.com. Note that searchnewworld.com is opened by goto-searchitnow.global.ssl.fastly.net, which in turn, is opened by a number of unwanted applications/malware, such as Fake Calculator. Unlike browser hijackers, Fake Cal
apple.com-mac-booster[.]live is a deceptive website that is designed to promote the CleanupMy-Mac application. It is deceptive, since it displays a fake virus alert message stating that the visitor's computer is infected (this is false). It encourages visitors to remove viruses using the aforeme
Related to MacSecurityPlus, Fake Calculator is malicious application that claims to be the genuine MacOS calculator. This app does not change browser settings, however, as long as it is installed, it redirects people who attempt to surf the web using their browsers to bing[.]com, goto-searchitn
Win32/Zpevdo is high-risk trojan designed to modify Windows Firewall settings. This malware typically infiltrates systems when another trojan is installed (a result of "chain infections") or when users visit malicious websites. The presence of Win32/Zpevdo trojan makes the system more vulnerable t
"Xerox Color Workstation Email Virus" is the name of a spam campaign, designed by cyber criminals to proliferate a malicious program, a keystroke logger called Hawkeye. The main purpose of the email issued by this campaign is to trick people into opening the attached file, which infects computer
The internet is flooded with websites similar to renropsitto[.]info including, for example, Pushnews[.]online, txtnews[.]online, and watch-this[.]live. These are just some examples from many. Most of these sites are virtually identical. Once visited, they display untrustworthy content or open othe
ticeroftertal[.]info is a rogue website that has the same purpose as pushnews[.]online, txtnews[.]online, watch-this[.]live, and many other websites of this type. Once visited, it redirects users to websites that cannot be trusted or displays dubious content. Typically, people are forced to visit
The "PayPal account is on hold" scam is presented on a deceptive website that should not be trusted. Scammers use it to steal PayPal accounts. Typically, people end up visiting websites of this type due to potentially unwanted applications (PUAs) installed on their browsers or operating systems.