Discovered by Jakub Kroustek, Junior is the name of a new version of Paradise ransomware. Like many other programs of this type, Junior encrypts data and encourages victims to pay a ransom. It creates a ransom message within an HTML file called "%= RETURN FILES =&.html" and renames locked fil
Brusaf is one of many ransomware-type infections from the Djvu ransomware family. As with most of these infections, Brusaf was discovered by Michael Gillespie. The purpose of Brusaf is to stealthily infiltrate computers and encrypt most stored files, thereby rendering them unusable. During encryp
Identical to ScreenCapture.app, Spaces.app, and a number of others, ScreenSaver (also known as ScreenSaver.app) is a potentially unwanted application (PUA) and software categorized as adware. This particular app is designed to promote a dubious website (searchbaron.com), which is a fake search e
Discovered by Michael Gillespie, Prandel is a ransomware-type program and part of the Djvu ransomware family. Typically, these programs prevent victims from accessing their files by encoding data with strong encryption algorithms. Additionally, they create/display ransom messages that contain info
Clipsa is a malicious program categorized as a password stealer. Cyber criminals use it to steal various cryptocurrencies, administrator credentials from poorly-secured WordPress websites, replace cryptocurrency addresses saved on the victim's clipboard, and to mine cryptocurrency. Some versions
trackpackagehome.com is yet another fake search engine that supposedly generates improved results, and allows users to track delivery statuses and access various popular websites. Judging on appearance alone, trackpackagehome.com may seem legitimate and useful, however, this website is often prom
Zatrov is part of the Djvu ransomware family and was discovered by Michael Gillespie. It encrypts data and prevents access unless decryption is performed with a tool that can be purchased from the cyber criminals who developed the ransomware. Zatrov renames all encrypted files by changing extensio
checking-your-browser[.]com is a rogue website that is virtually identical to seplumming.pro, uptobox.com, goodmedia.me, and many others. The purpose of this website is to feed users with dubious content and redirect them to other rogue sites. Users typically visit checking-your-browser[.]com ina
The internet is full of rogue websites similar to seplumming[.]pro. Other examples are pushmobilenews[.]com, renropsitto[.]info, and ticeroftertal.info. The pages redirect visitors to other untrustworthy, potentially malicious websites. Most people do not visit seplumming[.]pro intentionally - th
uptobox[.]com offers a file hosting service. Users can upload their files and share them with other people, however, uptobox[.]com uses rogue advertising networks and contains illegal files such as set-ups of cracked software. People who use this web page risk being tricked into download of poten