iTerm2 malware refers to a trojanized iTerm2 application, which operates as backdoor-type malicious software. Despite its appearance bearing little difference to the legitimate iTerm2 app, the fake program injects systems with malicious code and/or additional malware following installation. It
The purpose of this email scam is to trick recipients into providing login credentials on a fake SF Express website. It is disguised as a letter regarding an incoming package. SF Express is a legitimate Chinese multinational delivery services and logistics company that has nothing to do with this
"Your email will be suspended Scam" refers to a spam campaign. These letters are presented as notifications concerning an impending suspension of the recipients' email accounts due to detected suspicious activity. The goal of the scam emails is to trick users into attempting to sign into their ema
Alfaiztech[.]com promotes questionable pages and uses a clickbait technique to trick visitors into allowing it to show notifications. This site is similar to life-change-about[.]me, fewmonthst[.]space, news-keheza[.]cc, and hundreds of other pages. Alfaiztech[.]com is promoted via deceptiv
ConsoleConnection is a rogue app classified as adware. Additionally, it has browser hijacker traits. Due to the questionable methods used to distribute software products within these classifications, they are also considered to be PUAs (Potentially Unwanted Applications). Adware enables
Cns ransomware encrypts files and appends the decryptharma24@cock.li email address, victims ID and the ".Cns" extension to their filenames. For instance, it renames "1.jpg" to "1.jpg.email=decryptharma24@cock.li.id=C279F237.Cns", "2.jpg" to "2.jpg.email=decryptharma24@cock.li.id=C279F237.Cns". Cn
Life-change-about[.]me is a rogue website that shares similarities with digitalcaptcha.top, ralemploay.space, fewmonthst.space, mutigue.com, and thousands of others. It operates by presenting visitors with questionable content and/or redirecting them to different (likely unreliable or malicious) p
ProSportSearch is a potentially unwanted application (PUA) that hijacks a browser by changing some of its settings to prosportsearch.com - it promotes a fake search engine. Browser hijackers can collect information about their users. They are often promoted using questionable methods. ProS
Footer Quotes is a rogue browser extension promoted as a tool capable of providing various quotes at the bottom of Google search pages. However, Footer Quotes is classified as adware due to delivering intrusive advertisement campaigns. Since users typically download/install adware-type products un
Artemis (999) encrypts files, appends the victim's ID, restoredisscus@gmail.com email address and ".999" extension to filenames, and creates the "ReadMe-[victim's_ID].txt" file (a ransom note). It renames "1.jpg" to "1.jpg.id[C279F237].[restoredisscus@gmail.com].999", "2.jpg" to "2.jpg.id[C279F237