CerberTear is a new variant of Cerber - a high-risk ransomware-type virus based on Hidden Tear (an open-source ransomware project). CerberTear was firstly discovered by Karsten Hahn. Following infiltration, CerberTear encrypts files using asymmetric cryptography. Unlike its previous version, howe
DummyLocker is a ransomware-type virus discovered by Karsten Hahn. Following system infiltration, DummyLocker encrypts files using AES-256 cryptography and appends the ".dCrypt" extension to the name of each encrypted file (e.g., "sample.jpg" becomes "sample.jpg.dCrypt"). Following successful enc
Gremit is a ransomware-type virus which encrypts files stored on the system. During encryption, Gremit appends file names with the ".rnsmwr" extension (e.g., "sample.jpg" is renamed to "sample.jpg.rnsmwr"). A pop-up window containing a ransom-demand message is then displayed. The Gremit messag
"Your Computer May Be At Risk" is a fake error message displayed by a number of deceptive potentially unwanted programs (PUPs, such as "PC Clean Plus", "PC Purifier", etc.) By offering a variety of 'useful features', PUPs often trick users into believing that they are legitimate programs. In fact
Identical to Kangaroo, Esmeralda is an updated version of Apocalypse ransomware. Following infiltration, Esmeralda encrypts various files and appends the ".encrypted" extension to the name of each encrypted file. For instance, "sample.jpg" becomes "sample.jpg.encrypted". A pop-up window is then d
Kangaroo is a new variant of file-encryption ransomware called Apocalypse. Following successful infiltration, Kangaroo encrypts files and appends their names with the ".crypted_file" extension (for example, "sample.jpg" becomes "sample.jpg.crypted_file"). Once files are encrypted, Kangaroo opens
Discovered by Jakub Kroustek, Command Prompt is a ransomware-type virus that allegedly encrypts victims' files. There are two variants of this malware: "PayDOS" and "SERPENT". Following infiltration, this ransomware 'encrypts' files and opens a command prompt (cmd), which contains a ransom-demand
webstarts.biz is presented as a legitimate Internet search engine that supposedly enhances the web browsing experience by generating improved search results and providing quick access to a number of popular websites. This functionality might appear legitimate and useful, however, webstarts.biz is
Winrared is a ransomware-type virus that infiltrates the system and locks all files by adding them to a single password-protected archive called "YourFilesHere-OpenWithWinrar.ace". This is very uncommon to ransomware-type viruses, since most encrypt files using symmetric/asymmetric encryption algo
Slithermon is a rogue application that supposedly allows users to play a popular browser arcade game called "Slither.io" directly from the desktop. This functionality may seem legitimate and useful, however, this application is not genuine and has no association with the actual game. Slithermon o