Part of the VoidCrypt ransomware family, Crm is a malicious program designed to encrypt data (render files unusable) and demand ransoms for the decryption. Affected files are renamed according to this pattern: original filename, cyber criminals' email address, unique ID assigned to the victim, an
Udacha blocks access to files by encrypting them and modifies their filenames by appending the ".udacha" extension. For instance, it renames "1.jpg" to "1.jpg.udacha", "2.jpg" to "2.jpg.udacha". Udacha also creates the "ReadMe_Instruction.mht" file, a ransom note. Screenshot of a message encou
Offersworld4u[.]online is a rogue site sharing traits with onemacusa.com, smartcaptchasolve.top, life-change-about.me, and thousands of others. It is designed to load dubious content and/or redirect visitors to various (likely unreliable or malicious) webpages. Users typically access such website
Terkunci is a ransomware-type program, which encrypts victims' files (renders them inaccessible) and demands payment for the decryption. During the encryption process, files are appended with a ".terkunci" extension. For example, a file like "1.jpg" would appear as "1.jpg.terkunci", "2.jpg" as "2
MapperProgress is an adware-type app with browser hijacker qualities. Due to the dubious methods used to distribute software products within these categories, they are also considered to be PUAs (Potentially Unwanted Applications). MapperProgress has been observed being proliferated via fake Ado
Allhugeblog[.]com asks for permission to show notifications and opens shady websites. It gets opened through untrustworthy advertisements, dubious websites or by potentially unwanted applications (PUAs). Allhugeblog[.]com functions like onemacusa[.]com, dnsvibes[.]co, matrixstar[.]net, and lots of
Similar to dnsvibes.co, othemyinetere.space, s1-n.com, totaltopposts.com, and thousands of others, onemacusa[.]com is a rogue site that presents visitors with questionable content, pushes its browser notifications, and/or redirects users to various (likely unreliable/malicious) websites. Rogue pa
BluStealer is a capable stealer that can log keystrokes, upload documents and steal cryptocurrency. Cybercriminals distribute this malware via email (malicious email attachments). Also, BluStealer can detect Virtual Machines and avoid being installed on them. BluStealer can steal crypto wall
CleanSearch generates advertisements and makes changes in the affected browser's settings (hijacks a web browser). CleanSearch is classified as adware and a browser hijacker. It is distributed through a fake Adobe Flash Player installer. Advertisements displayed by CleanSearch could open
"INTERLINK email virus" refers to a malware-distributing spam campaign. These spam emails request recipients to review the attached PO (Purchase Order). However, instead of containing the stated information, the attachment triggers Agent Tesla malware's download/installation - once opened.