WORM is the name of a malicious program, belonging to the Dharma ransomware family. It is designed to encrypt data (lock files) and demand payment for the decryption. Filenames are appended with a unique ID assigned to the victim, cyber criminals' email address, and a ".WORM" extension. For examp
Anywhere Search is a browser hijacker that changes some of the browser's settings to anywheresearch.com (promotes a fake search engine). Also, it adds the "Managed by your organization" feature. It is unusual for apps of this type to be installed intentionally. Thus, Anywhere Search falls into the
Phishing emails are mainly used to trick unsuspecting recipients into providing personal information (credit card details, usernames, passwords, or other details). Scammers disguise them as letters from legitimate companies. This particular phishing campaign is used to steal WalletConnect login cr
Dragsteal is a malicious program designed to steal data from infected systems. This piece of malicious software specifically targets Grand Theft Auto (GTA) video game related content. However, stealer-type malware often has a wide variety of information-stealing abilities. Therefore, infections of
Similar to desktopshieldprotection.com, myfreshspot.com, breaking-news.me, people-around.me, and countless others, rplnd1[.]com is a rogue website. It is designed to load dubious material and/or redirect visitors to different (likely unreliable or malicious) pages. Most users enter such sites via
Stepik is ransomware designed to encrypt files, append the ".stepik" extension to filenames, and create the "RESTORE_FILES_INFO.txt" text file (a ransom note). For example, renames a file named "1.jpg" to "1.jpg.stepik", "2.jpg" to "2.jpg.stepik", and applies this to all encrypted files. Scree
Hamster is the name of a ransomware-type program. It operates by encrypting data (rendering files inaccessible) and demanding payment for the decryption. Affected files are appended with a ".hamster" extension. For example, a file initially titled "1.jpg" would appear as "1.jpg.hamster", "2.jpg"
NetworkService is an application designed to display advertisements and promote a fake search engine (by changing the web browser's settings). It is uncommon for adware and browser hijackers to be installed on purpose. Thus, apps of this kind are categorized as potentially unwanted applications
InkInfo is a piece of rogue software classified as adware. It also has browser hijacker traits. Since most users unintentionally download/install apps of type, they are also considered to be PUAs (Potentially Unwanted Applications). Adware delivers various pop-ups, banners, surveys, coup
Part of the Djvu ransomware family, Irfk is a malicious program designed to encrypt data and demand ransoms for the decryption. In other words, victims are asked to pay - to restore access to their files. Affected files are appended with the ".irfk" extension. For example, a file originally named