Tiontowriting[.]xyz is a rogue website similar to linkwinners.net, yourcoolfeed.com, hrougthatsidh.club, and thousands of others. It is designed to load dubious content, push its browser notifications, and/or redirect visitors to various (likely untrustworthy or malicious) webpages. Most users ar
RaZiO is a malicious program that is part of the Xorist ransomware family. It is designed to encrypt data (render files unusable) and demand ransoms for the decryption. Compromised files are appended with a ".RaZiO" extension. For example, a file initially titled "1.jpg" would appear as "1.jpg.Ra
Tgipus is ransomware - malware that encrypts files and generates a ransom note. Also, it renames files by appending the victim's ID and ".tgipus" extension to filenames. For example, it changes "1.jpg" to "1.jpg.tgipus", "sample.png" to "sample.png.tgipus". Tgipus drops its ransom note (the "RESTO
SkillManager is an adware-type app with browser hijacker qualities. Due to the questionable methods used to proliferate SkillManager, it is also classified as a PUA (Potentially Unwanted Application). Adware enables the placement of third-party graphical content (e.g., pop-ups, coupons,
Xot5ik is a ransomware-type program. It encrypts data (locks files) for the purpose of making ransom demands for the decryption. Affected files are appended with a ".xot5ik" extension. For example, a file originally named "1.jpg" would appear as "1.jpg.xot5ik", "2.jpg" as "2.jpg.xot5ik", "3.jpg"
AlgorithmTelecommunication is an adware-type application that has the qualities of a browser hijacker. It is designed to generate advertisements and promote a fake search engine (by changing the web browser's settings). Most apps like AlgorithmTelecommunication are promoted and (or) distributed
SimpleAccount is a rogue app with adware and browser hijacker qualities. Furthermore, since most users inadvertently download/install software products of this type - they are also categorized as PUAs (Potentially Unwanted Applications). Adware can display pop-ups, banners, coupons, and
Ewdownt[.]club uses a clickbait technique to trick visitors into agreeing to receive notifications. Also, ewdownt[.]club can redirect visitors to potentially malicious pages. Ewdownt[.]club should not be visited and allowed to deliver notifications. There are many similar pages, for example, umhis
"DPD Lietuva email virus" refers to a malware-spreading spam campaign targeting Lithuanian users. The spam emails are disguised as delivery notifications from DPD Lietuva - the Lithuanian branch of DPDgroup, an international parcel delivery service network. It must be emphasized that these emails
1ohe is a new variant of the Spora ransomware. This variant encrypts files, modifies filenames, and generates two ransom notes ("ReadMe_Now!.hta" and "Read_Me!_.txt"). 1ohe appends the victim's ID, filesrecoveren@onionmail.org email address, and ".1ohe" extension to filenames. For example, it ren