Webprotectionprogram[.]com is designed to trick visitors into believing that their computers are infected and agreeing to receive notifications. There are many pages like this one on the Internet, for example, security-scanner[.]xyz, checkthesafety[.]com, mydesktopdefence[.]com. Webprotect
NUNCATARDE is a malicious program categorized as ransomware. It operates by encrypting files and demanding ransoms for the decryption. The locked files are appended with a ".NUNCATARDE" extension. For example, a file initially named "1.jpg" would appear as "1.jpg.NUNCATARDE", "2.jpg" as "2.jpg.NU
Windowsdetector[.]com displays deceptive content and asks for permission to show notifications. Additionally, it can be designed to redirect users to potentially malicious pages. Examples of pages similar to windowsdetector[.]com are checkthesafety[.]com, mydesktopdefence[.]com, security-scanner[.
Fmu9d is ransomware that encrypts files, modifies filenames of all encrypted files, and creates the "auw1_HOW_TO_DECRYPT.txt" file containing a ransom note. It renames files by appending a string of random characters and the ".fmu9d" extension to filenames. For instance, Fmu9d renames a file name
ActiveCoordinator is a rogue app with adware and browser hijacker abilities. Since most users inadvertently download/install software products of this kind, they are also categorized as PUAs (Potentially Unwanted Applications). Adware enables the placement of intrusive adverts (e.g., pop
"Pornography Warning Error" is a technical support scam. It has been observed being promoted via the Amazon AWS service. Scams of this type are elaborate and start by presenting users with fake alerts designed to trick them into calling bogus helplines, which can then lead to monetary losses, malw
CheckFeature generates advertisements and promotes a fake search engine. It does the second by hijacking a web browser (by changing its settings). Typically, apps like CheckFeature are promoted and distributed using questionable methods. Thus, users download and install them unintentionally (the
Thekolnews[.]site uses a clickbait technique to get permission to display notifications and redirects visitors to shady websites. It is similar to downloadit-on[.]com, profitedsurvey[.]site, myhypeposts[.]com, and plenty of other deceptive pages. Users do not visit them intentionally. Thek
Youtubecenter[.]net is a website that uses fake CAPTCHA verification to trick visitors into enabling its browser notifications. This page can also cause redirects to other untrustworthy and potentially malicious websites. Youtubecenter[.]net and similar webpages are usually accessed via sites that
The purpose of Zaqi ransomware is to encrypt files (block access to them). Also, it appends the ".zaqi" extension to filenames (e.g., renames "1.jpg" to "1.jpg.zaqi", "document.txt" to "document.txt.zaqi"), and creates a ransom note (the "_readme.txt" file). Zaqi belongs to a ransomware family cal