CRYPT is a malicious program belonging to the MedusaLocker ransomware family. It is designed to encrypt data and demand payment for the decryption. The locked files are appended with a ".CRYPT" extension. For example, a file initially titled "1.jpg" would appear as "1.jpg.CRYPT", "2.jpg" as "2.jp
Press-news-for[.]me promotes shady (potentially malicious) web pages and asks for permission to show notifications. There are lots of websites like press-news-for[.]me, some examples are theresults[.]net, robo-checker[.]top, and aidraiphejpb[.]com. Once opened, press-news-for[.]me asks for
Promoland[.]space is a deceptive website running various scams. At the time of research, it promoted a scheme targeting iPhone users with claims that their data may be at risk. It must be emphasized that no website can detect threats/issues present on visitors' devices; hence, any that make such
Phishing emails are used to trick recipients into providing personal information. Scammers behind them attempt to obtain credit card details, bank accounts numbers, social security numbers, login credentials, or other information. This phishing email is used to extract email login credentials via
Block is the name of a ransomware-type program, which is designed to encrypt data (lock victims' files) and demand ransoms for the decryption. Affected files are appended with a ".block" extension. For example, a file initially titled "1.jpg" would appear as "1.jpg.block", "2.jpg as "2.jpg.block"
Tabsearch.net is a fake search engine. It is promoted through a browser hijacker called Tab Search Start Page. A browser hijacker is a potentially unwanted application (PUA) that changes the web browser's settings to promote a particular address. Most users download and install apps of this type
Theresults[.]net is a rogue website sharing similarities with liffsandupa.xyz, more*.biz, aidraiphejpb.com, and many others. This site is designed to present visitors with questionable content and/or redirect them to various (likely suspect or malicious) webpages. Users typically enter such websi
Infogram is promoted as a desktop version for Wikipedia. It shares the same name as a legitimate software company. Infogram is known to be advertising-supported that generates revenue for its developer by displaying advertisements. Users often install software of this type unknowingly. Inf
OptimalSource is a rogue app categorized as adware. It also has browser hijacker qualities. Furthermore, due to the dubious techniques used to distribute software products within these categories, they are also considered to be PUAs (Potentially Unwanted Applications). Adware delivers va
Nitrocrypted is a type of malware that encrypts files and modifies their filenames, changes the desktop wallpaper, and creates the "README.txt" file (a ransom note). It renames files by appending the ".nitrocrypted" extension, for example, "1.jpg" is renamed to "1.jpg.nitrocrypted", "2.jpg" to "2.