Phoenix is the name of an information stealer written in the C programming language. It sends the stolen information to cybercriminals. It is known that Phoenix is for sale on a hacker forum. Its lifetime subscription costs 1500 rubles, and a monthly one costs 400 rubles per month. Phoenix
Alert-defenders[.]com is a rogue website designed to present visitors with dubious content and/or redirect them to other (likely unreliable or malicious) pages. The Internet is rife with sites of this type; rplnd1.com, desktopshieldprotection.com, myfreshspot.com, ngecauuksehi.xyz, and smartcaptch
Mbrcodes is ransomware that encrypts data and changes the filenames of the encrypted files (it appends the ".mbrcodes--zip" extension). For example, it renames a file named "1.jpg" to "1.jpg.mbrcodes--zip", "2.jpg" to "2.jpg.mbrcodes--zip". Mbrcodes also creates a ransom note, the "HOW TO DECRYPT
LatestStructured is an adware-type app with browser hijacker abilities. Since most users unintentionally download/install software products of this kind, they are also classified as PUAs (Potentially Unwanted Applications). Adware enables the placement of pop-ups, coupons, surveys, banne
Fillsitsy[.]cam asks for permission to show notifications and redirects visitors to questionable web pages. More examples of websites having the same qualities are rplnd1[.]com, ablesasmetotre[.]xyz, and news-bogixo[.]cc. It is uncommon for these pages to be visited on purpose. Fillsitsy[.
Browser Guard is a rogue browser extension promising to protect users from accessing malicious and phishing websites. Instead, this piece of software is classified as adware due to running intrusive advertisement campaigns. Furthermore, adware-type products are also considered to be PUAs (Potentia
WindowsMegabyte functions as advertising-supported software and a browser hijacker. This app generates advertisements and changes the web browser's settings to promote a fake search engine. In most cases, users install such apps inadvertently. Thus, they fall into the category of potentially unw
WORM is the name of a malicious program, belonging to the Dharma ransomware family. It is designed to encrypt data (lock files) and demand payment for the decryption. Filenames are appended with a unique ID assigned to the victim, cyber criminals' email address, and a ".WORM" extension. For examp
Anywhere Search is a browser hijacker that changes some of the browser's settings to anywheresearch.com (promotes a fake search engine). Also, it adds the "Managed by your organization" feature. It is unusual for apps of this type to be installed intentionally. Thus, Anywhere Search falls into the
Phishing emails are mainly used to trick unsuspecting recipients into providing personal information (credit card details, usernames, passwords, or other details). Scammers disguise them as letters from legitimate companies. This particular phishing campaign is used to steal WalletConnect login cr