Marlboro is a ransomware-type virus distributed via spam emails. Following infiltration, Marlboro encrypts files using RSA-2048 and AES-128 cryptography, and appends filenames with the ".oops" extension. For example, "sample.jpg" is renamed to "sample.jpg.oops". Following successful encryption, M
Developers present startpageing123.com as an improved Internet search engine that enhances the Internet browsing experience by generating improved search results. These claims often trick users into believing that startpageing123.com is legitimate. In fact, this website is promoted using deceptiv
Phoenix is malware based on Hidden Tear - an open source ransomware project. Following successful infiltration, Phoenix encrypts files using the AES-256 encryption algorithm. It also renames encrypted files by appending the ".R.i.P" extension to each file name. For instance, "sample.jpg" is renam
search.moviecorner.com is a fake Internet search engine claiming to enhance the Internet browsing experience by generating improved search results and providing quick access to various popular websites. On initial inspection, search.moviecorner.com may seem legitimate and useful, however, develop
The WebWebWeb.com browser hijacker infiltrates Internet browsers (Google Chrome and Mozilla Firefox) through free software downloads. At time of testing, this website was promoted via an application called 'video downloader professional'. Developers of this browser settings-changing adware (LINK6
obzhora.net is a deceptive website claiming to be an improved Internet search engine that generates improved results. Judging on appearance alone, obzhora.net barely differs from Bing, Yahoo, Google, and other legitimate Internet search engines. Therefore, many users believe that obzhora.net is al
Evil is a ransomware-type virus written in Javascript. Following infiltration, Evil encrypts various files using AES cryptography. During encryption, Evil appends ".file0locked" to the name of each encrypted file. For instance, "sample.jpg" is renamed to "sample.jpg.fire0locked". Updated variants
InstallWizz is an adware-type application claiming to allow users to download and install various apps. On initial inspection, InstallWizz may appear legitimate and useful, however, this app often infiltrates systems without permission. Furthermore, it generates intrusive online advertisements a
FireCrypt is a ransomware-type virus that encrypts files using AES-256 cryptography. The executable used to encrypt files opens a console window that contains various figures drawn using ASCII art. This malware appends the ".firecrypt" extension to the name of each encrypted file. For instance, "
MafiaWare is malware based on an open-source ransomware project called Hidden Tear. Following successful infiltration, MafiaWare encrypts files using AES cryptography. In addition, MafiaWare appends the ".Locked-by-Mafia" (or ".Locked-Mafiaware") extension to the name of each encrypted file (e.g.,