2promoter[.]com displays deceptive content, asks for permission to deliver notifications, and redirects visitors to untrustworthy websites. It is pretty similar to news-befuka[.]cc, hrougthatsidh[.]club, businesspayments[.]org, and many other pages that users do not open intentionally. It
Belonging to the Phobos ransomware family, pHv1 is a malicious program that encrypts data (locks files) and demands ransoms for the decryption. Files are appended with a unique ID assigned to the victims, the cyber criminals' email address, and a ".pHv1" extension. For example, a file like "1.jpg
Xqxqx is ransomware that belongs to is Dharma ransomware family. It encrypts files and modifies their filenames. It also creates the "FILES ENCRYPTED.txt" file and displays a pop-up window containing ransom notes. Xqxqx renames files by appending the victim's ID, decryptionx@onionmail.org email a
TaskBoard is an adware-type app with browser hijacker abilities. Due to the questionable techniques used to spread TaskBoard, it is also classified as a PUA (Potentially Unwanted Application). Adware enables the placement of third-party graphical content on visited websites and/or other
OnlineTab displays unwanted advertisements and changes the web browser's settings to promote a fake search engine. This app functions as adware and a browser hijacker. Typically, apps like OnlineTab are promoted/distributed using questionable (deceptive) methods. Thus, users download/install the
It is a technical support scam using scare tactics to trick unsuspecting visitors into calling the provided number. Usually, scammers behind pages of this type ask to install remote administration software, pay for unnecessary services or programs, and (or) provide sensitive information. T
GoAdblockSearch is a piece of browser-hijacking software. It promotes the goadblocksearch.com fake search engine. Since most users unintentionally download/install browser hijackers, they are also classified as PUAs (Potentially Unwanted Applications). GoAdblockSearch causes redirects to g
Wnmd is a ransomware-type program. This malware is designed to encrypt data (render files unusable) and demand ransoms for the decryption. Files encrypted by Wnmd are appended with a ".wnmd" extension. For example, a file initially titled "1.jpg" would appear as "1.jpg.wnmd", "2.jpg" as "2.jpg.wn
News-befuka[.]cc is an untrustworthy website designed to load questionable content and/or redirect visitors to other (likely unreliable or malicious) pages. The Internet is full of such rogue webpages; hrougthatsidh.club, businesspayments.org, captcharesolverhere.top, and totalnicefeed.com are jus
Ndjmu is ransomware designed to encrypt files, change the filename of every encrypted file and create the "MEag_HOW_TO_DECRYPT.txt" file (a ransom note). It renames files by appending a string of random characters and the ".ndjmu" extension to filenames. For example, Ndjmu renames "1.jpg" to "1.j