Ndjmu is ransomware designed to encrypt files, change the filename of every encrypted file and create the "MEag_HOW_TO_DECRYPT.txt" file (a ransom note). It renames files by appending a string of random characters and the ".ndjmu" extension to filenames. For example, Ndjmu renames "1.jpg" to "1.j
Page Ranking Tool is an adware-type browser extension. This piece of software is endorsed as a tool allowing users to check a website's reputation. Due to the dubious methods used to distribute adware products, they are also categorized as PUAs (Potentially Unwanted Applications). Adware e
It is a phishing email claiming that recipients have received an encrypted message and can open it via the attached file. The purpose of this email is to trick recipients into opening an HTML file designed to open a fake Microsoft page and entering their account login credentials on it. Th
Similar to businesspayments.org, ourcoolstories.com, spdate.com, new-updates-service.com, and many others, hrougthatsidh[.]club is a rogue site. It is designed to load questionable content and/or redirect visitors to other (likely dubious or malicious) webpages. Users typically access rogue websi
NAME LOCKER is a malicious program belonging to the Babuk Locker ransomware family. It is designed to encrypt data (render files unusable) and demand ransoms for the decryption. Compromised files are appended with the ".crypt" extension. For example, a file like "1.jpg" would appear as "1.jpg.cry
Wixawm is ransomware that encrypts files (makes them inaccessible), modifies filenames of all encrypted files, and generates two ransom notes: "Decryption-Guide.txt" and "Decryption-Guide.HTA". It renames files by appending a string of random characters, the wixawm@gmail.com email address, and ".w
J2xnp is a ransomware-type program. It operates by encrypting data (locking files) and demanding payment for the decryption. Affected files are appended with a random character string and the ".j2xnp" extension. For example, a file originally titled "1.jpg" would appear similar to "1.jpg.x4S3X7Tz
Melomovie[.]com is an illegal TV show, movie, and anime streaming and download website. Also, it uses rogue advertising networks. Melomovie[.]com infringes copyright and redirects visitors to questionable/potentially malicious websites. Websites using rogue advertising networks promote unt
PlusMethod is a piece of rogue software. It has adware and browser hijacker qualities. Since most users unintentionally download/install apps like PlusMethod, they are also categorized as PUAs (Potentially Unwanted Applications). On visited websites and/or different interfaces - adware c
Prynt is a ransomware-type program that encrypts data (locks files) and demands payment for the decryption. There is reason to believe that Prynt Remote is still in development, as its ransom note is missing crucial information. Compromised files are appended with a ".prynt" extension. For exampl