Nicyaboyenan[.]com is a website that uses scare tactics to trick visitors into installing some potentially unwanted application (PUA). Usually, websites of this type display fake virus notifications claiming that a device is infected and offer to remove detected malware with some app. Th
Secure-support[.]space is a deceptive website running various scams. At the of research, this page ran a scheme targeting iPhone users. The scam claims that visitors' iPhones have been infected and recommends installing a free protection tool. Typically, such schemes push untrustworthy software
Zvw5k encrypts files and modifies their filenames. It adds a string of random characters and the ".zvw5k" extension to filenames. For instance, Zvw5k renames "1.jpg" to "1.jpg.NZ4g08eQk3TfLo_4PSAQQ7ff0o9pcKspQmt1rhxGnTj_IAC1NfcI0680.zvw5k", "2.jpg" to "2.jpg.NZ4g08eQk3TfLo_4PSAQQ7ff0o9pcKspQmt1rhx
Captchafilter[.]top is an untrustworthy website designed to load questionable content, push its browser notifications, and/or redirect visitors to other (likely unreliable or malicious) pages. The Internet is rife with such sites; onestoreblog.com, news-themes.com, and brokenbad.biz are but a few
Eruthoxup[.]com asks for permission to show notifications and promotes potentially malicious pages. It is promoted through other pages of this kind, shady advertisements, and (or) potentially unwanted applications (PUAs). Eruthoxup[.]com is similar to oataltaul[.]com, onestoreblog[.]com, news-them
ConnectedPlatform is a rogue app classified as adware. It also has browser hijacker qualities. Furthermore, due to the questionable techniques used to distribute products within these classifications, they are also considered to be PUAs (Potentially Unwanted Applications). Adware deliver
WOLF is part of the Dharma ransomware family. It is designed to block access to files (to keep them encrypted) until a sum of money is paid. WOLF also renames files and generates two ransom notes (displays a pop-up window and creates the "info.txt" file). WOLF renames files by appending the victi
BadSiteDefender is a browser extension promoted as a tool capable of preventing malicious websites from being opened. Instead, this rogue piece of software operates as adware. Due to the dubious methods used to distribute adware-type products, they are also categorized as PUAs (Potentially Unwante
Similar to news-themes.com, tionalmorei.online, allhotfeed.com, fast-travel.org, and countless others, onestoreblog[.]com is a rogue website. It operates by loading dubious content and/or redirecting visitors to various (likely untrustworthy or malicious) sites. Users typically access such webpag
RTX is one of the ransomware variants that are part of the VoidCrypt family. RTX encrypts files and modifies their filenames. For instance, it renames "1.jpg" file to "1.jpg.[hoti2020@tutanota.com][MJ-ZS8512639047].RTX", "2.jpg" to "2.jpg.[hoti2020@tutanota.com][MJ-ZS8512639047].RTX". It also crea