Phoenix is malware based on Hidden Tear - an open source ransomware project. Following successful infiltration, Phoenix encrypts files using the AES-256 encryption algorithm. It also renames encrypted files by appending the ".R.i.P" extension to each file name. For instance, "sample.jpg" is renam
search.moviecorner.com is a fake Internet search engine claiming to enhance the Internet browsing experience by generating improved search results and providing quick access to various popular websites. On initial inspection, search.moviecorner.com may seem legitimate and useful, however, develop
The WebWebWeb.com browser hijacker infiltrates Internet browsers (Google Chrome and Mozilla Firefox) through free software downloads. At time of testing, this website was promoted via an application called 'video downloader professional'. Developers of this browser settings-changing adware (LINK6
obzhora.net is a deceptive website claiming to be an improved Internet search engine that generates improved results. Judging on appearance alone, obzhora.net barely differs from Bing, Yahoo, Google, and other legitimate Internet search engines. Therefore, many users believe that obzhora.net is al
Evil is a ransomware-type virus written in Javascript. Following infiltration, Evil encrypts various files using AES cryptography. During encryption, Evil appends ".file0locked" to the name of each encrypted file. For instance, "sample.jpg" is renamed to "sample.jpg.fire0locked". Updated variants
InstallWizz is an adware-type application claiming to allow users to download and install various apps. On initial inspection, InstallWizz may appear legitimate and useful, however, this app often infiltrates systems without permission. Furthermore, it generates intrusive online advertisements a
FireCrypt is a ransomware-type virus that encrypts files using AES-256 cryptography. The executable used to encrypt files opens a console window that contains various figures drawn using ASCII art. This malware appends the ".firecrypt" extension to the name of each encrypted file. For instance, "
MafiaWare is malware based on an open-source ransomware project called Hidden Tear. Following successful infiltration, MafiaWare encrypts files using AES cryptography. In addition, MafiaWare appends the ".Locked-by-Mafia" (or ".Locked-Mafiaware") extension to the name of each encrypted file (e.g.,
Zwhip is a rogue application claiming to allow users to access websites that are blocked in their countries. Initially, this functionality may seem legitimate and useful, however, Zwhip often infiltrates systems without direct permission. In addition, this app continually delivers intrusive onlin
SearchFormsOnline is a deceptive application that supposedly helps users to find US government forms relating to taxes, healthcare, travel, etc. On initial inspection, this functionality may appear legitimate and useful, however, SearchFormsOnline often infiltrates systems without users' consent.