Zppl8 is ransomware that encrypts files and modifies their filenames by appending a string of random characters and the ".zppl8" extension. For example, it renames "1.jpg" to "1.jpg.bZmReIcUCE6-P0nad3or9k49iED4c_MlVYCiX7J7tuP_m8AP3Ts4wzE0.zppl8", "image.png" to "image.png.bZmReIcUCE6-P0nad3or9k49i
DeployUpdater is adware that has the qualities of a browser hijacker. This app displays advertisements and hijacks a web browser to promote a fake search engine by changing its settings. Most users download and install adware unintentionally because it is promoted and distributed using questiona
Webdefencesurvey[.]com displays deceptive content and asks for permission to show notifications. Also, it redirects visitors to untrustworthy pages. Webdefencesurvey[.]com is not a trustworthy website. It is pretty similar to rewardsltd[.]com, stayprotectedsupport[.]com, defender-scanning[.]xyz, a
big dark is the name of a browser hijacker promoting ytood.com - a fake search engine. big dark hijacks a browser by changing its settings. Most browser-hijacking apps are promoted/distributed using questionable (often deceptive) methods. Thus, a big part of them gets downloaded and installed inad
Greattypecaptcha[.]top is one of the websites designed to trick users into allowing it to show notifications. It can also redirect visitors to other untrustworthy pages. Greattypecaptcha[.]top is similar to mykiger[.]com, stayprotectedsupport[.]com, defender-scanning[.]xyz, and hundreds of others.
It is a phishing email that scammers use to trick recipients into opening a deceptive page and providing sensitive information. This email is disguised as a letter from the Czech Post/Česká pošta (the state-owned postal company of the Czech Republic). This email is disguised as a letter re
8zvpm is ransomware that blocks access to files (encrypts files), appends a string of random characters and the ".8zvpm" extension to filenames, and creates a ransom note (the "vyS2_HOW_TO_DECRYPT.txt" file) on a desktop. An example of how 8zvpm modifies filenames: it renames "1.jpg" to "1.jpg.O_
ExpandedNet is advertising-supported software. It generates advertisements. In addition to that, ExpandedNet changes web browser's settings to promote a fake search engine (it functions as a browser hijacker). This app is distributed using a fake Adobe Flash Player installer. ExpandedNet
Ver is ransomware that encrypts files and appends the ".ver" extension (and the victim's ID, quacksalver@onionmail.org email address) to filenames. It also displays a pop-up window and creates the "info.txt" file containing a ransom note. This ransomware is part of the Dharma family. For example,
C1024 belongs to a family of ransomware called Dharma. This variant appends the ".C1024" extension (and the victim's ID, code1024@keemail.me email address) to filenames. C1024 generates two ransom notes: it creates the "info.txt" file and displays a pop-up window. An example of how C1024 renames