Escribeda[.]xyz is designed to trick visitors into agreeing to receive notifications and promote (open) untrustworthy websites. It is similar to aclientirethe[.]xyz, captchafilter[.]top, eruthoxup[.]com, and plenty of other pages. Users open them unintentionally. Escribeda[.]xyz loads a fa
AnalyzerWindow is a piece of rogue software that is categorized as adware. This application has browser hijacker qualities as well. It operates by running intrusive advert campaigns (i.e., delivers various ads) and promotes fake search engines by making modifications to browser settings. Additi
Quantum Ad Blocker is a rogue browser extension, which is endorsed as an adblocker - a tool that blocks ads on visited websites. However, this piece of software operates by delivering intrusive advertisements instead. Due to this, Quantum Ad Blocker is classified as adware and a PUA (Potentially U
O4kjj prevents victims from accessing files by encrypting them. It also renames files by appending a string of random characters and the ".o4kjj" to their filenames and creates a ransom note (the "p3qn_HOW_TO_DECRYPT.txt" file). Screenshot of a message encouraging users to pay a ransom to decr
"ING Bank email scam" refers to a spam campaign. The letters sent through this campaign are in Dutch and supposedly relate to parking fees. It must be emphasized that all of the information provided by these emails is false, and the legitimate entities mentioned - are not associated with the scam
PixStealer is the name of a banking Trojan, a malicious Android application targeting the Pix payment system and Brazilian bank applications. It abuses Android’s Accessibility Service. Research shows that cybercriminals used Google Play to distribute PixStealer by disguising it as PagBank applicat
Belonging to the VoidCrypt ransomware family, Temlown is a malicious program that encrypts data and demands payment for the decryption. Compromised files are renamed according to this pattern: original filename, cyber criminals' email address, unique ID assigned to the victim, and a ".temlown" ex
Vck99 encrypts files and modifies their filenames. It appends a string of random characters and the ".vck99" extension to filenames. For instance, Vck99 renames "1.jpg" to "1.jpg.ew_JA8UNQlPUbtDMKRXrsp-0_b5RUz7siu1DrqJ3jGD_PkWXE_-DtPM0.vck99", "2.jpg" to "2.jpg.ew_JA8UNQlPUbtDMKRXrsp-0_b5RUz7siu1D
DataExplorer is a piece of rogue software categorized as adware. It also has browser hijacker traits. Furthermore, due to the questionable methods used to proliferate apps of this type, they are also considered to be PUAs (Potentially Unwanted Applications). Adware enables the placement
Lambda is a malicious program that is part of the VoidCrypt ransomware group. It operates by encrypting data (rendering files unusable) and demanding payment for the decryption. Affected files are renamed according to this pattern: initial filename, cyber criminals' email address, unique ID assig