Yarriedstron[.]xyz uses a clickbait technique to get permission to show notifications from its visitors and opens questionable, potentially malicious pages. It has the same qualities as stream-best-vid[.]com, financesurvey24[.]top, arfanbajt[.]xyz, and plenty of other websites that users open unin
News-hoyisa[.]cc is a rogue webpage that loads dubious content and/or redirects visitors to various (likely unreliable or malicious) sites. The Internet is rife with such websites; financesurvey24.top, emoxan.xyz, and breaking-news.me - are just some examples. Rogue pages are typically accessed v
Spook blocks access to files by encrypting them and appends the ".PUUEQS8AEJ" extension to their filenames. For instance, it renames "1.jpg" to "1.jpg.PUUEQS8AEJ", "2.jpg" to "2.jpg.PUUEQS8AEJ" (another variant of Spook ransomware appends ".NMU7PHR3V5" extension). Also, it generates two ransom not
OptimizationLaunch is a piece of rogue software classified as adware. It also has browser hijacker traits. Since most users unintentionally download/install apps of this type, they are also categorized as PUAs (Potentially Unwanted Applications). Adware displays various pop-ups, surveys,
SanwaiWARE is a piece of malicious software classified as ransomware. It operates by encrypting data (rendering files inaccessible) and demanding payment for the decryption (access recovery). During the encryption process, files are renamed - their original extension is removed and they are appen
320ytmp3[.]com offers users to download YouTube videos in MP3 format. It is known that this site uses rogue advertising networks - 320ytmp3[.]com opens shady websites and can have dubious ads on it. It is worth mentioning that downloading videos from the YouTube platform breaches its terms of serv
Kb2j4 encrypts and renames files by appending a string of random characters and the ".kb2j4" extension. For example, it renames "1.jpg" to "1.jpg.Ge1wMvvmzKscu80EPt8JMO9zC-0HiOqqh-zaaMgSL9vkuGtyKhVlaN-P-zQwJ1oQ.kb2j4", and so on. It also creates the "EtbD_HOW_TO_DECRYPT.txt" text file (a ransom no
GeneralAnalog is an adware-type app with browser hijacker qualities. Due to the questionable methods used to distribute software products within these classifications, they are also deemed to be PUAs (Potentially Unwanted Applications). Adware delivers various pop-ups, banners, coupons,
SampleCheck generates revenue for its developer by displaying ads and promoting a specific website (fake search engine). Most users download and install advertising-supported software and browser hijackers like SampleCheck unknowingly. Thus, SampleCheck and similar apps are categorized as potent
"Covid-19 stimulus payment Email Scam" refers to a spam campaign. These scam emails claim to contain the receipt of a COVID-19 stimulus payment. Instead, the fake letters have a phishing file attached to them. This attachment attempts to trick users into disclosing their email account log-in crede