MafiaWare is malware based on an open-source ransomware project called Hidden Tear. Following successful infiltration, MafiaWare encrypts files using AES cryptography. In addition, MafiaWare appends the ".Locked-by-Mafia" (or ".Locked-Mafiaware") extension to the name of each encrypted file (e.g.,
Zwhip is a rogue application claiming to allow users to access websites that are blocked in their countries. Initially, this functionality may seem legitimate and useful, however, Zwhip often infiltrates systems without direct permission. In addition, this app continually delivers intrusive onlin
SearchFormsOnline is a deceptive application that supposedly helps users to find US government forms relating to taxes, healthcare, travel, etc. On initial inspection, this functionality may appear legitimate and useful, however, SearchFormsOnline often infiltrates systems without users' consent.
Developers present luckysite123.com as a legitimate Internet search engine that supposedly enhances the Internet browsing experience by generating improved search results. The appearance of this website barely differs from Bing, Google, Yahoo, and other similar legitimate search engines. Therefor
myluckysites.com is a fake Internet search engine similar to trotux.com and amisites.com. By offering improved search results, myluckysites.com often tricks users into believing that it is a legitimate and useful website. In fact, developers promote it via deceptive download/installation set-ups
GOG is ransomware-type malware designed to encrypt files using RSA-4096 cryptography. During encryption, GOG appends the ".L0CKED" extension to the name of each file. For example, "sample.jpg" is renamed to "sample.jpg.L0CKED". Following successful encryption, GOG changes the desktop wallpaper an
Erebus is a ransomware-type virus distributed via malicious online advertisements. These ads redirect users to a Rig exploit kit server, which infects the computer system. After infiltration, Erebus encrypts various files using RSA-2048 cryptography. During encryption, Erebus renames files the fo
FirstRansomware is another malware infection based on an open-source ransomware project named "Hidden Tear". Following successful encryption, FirstRansomware encrypts files using symmetric cryptography (AES). In addition, this malware appends the ".locked" (or ".krzysioka") extension to the name o
OpenToYou is another ransomware-type virus that encrypts files and renames them by appending the ".-opentoyou@india.com" extension to the name of each encrypted file. For instance, "sample.jpg" is renamed to "sample.jpg.-opentoyou@india.com". Once files are encrypted, OpenToYou changes the deskto
Red Alert is a file-encryption virus based on Hidden Tear (an open-source ransomware project). Red Alert encrypts files using AES cryptography and appends the ".locked" extension to the name of each encrypted file. For example, "sample.jpg" is renamed to "sample.jpg.locked". Once files are encryp