CommandImprovement is designed to generate advertisements and hijack a web browser by changing its settings. This app has the qualities of both adware and a browser hijacker. Apps of this kind are distributed using questionable methods. Thus, most users download and install them inadvertently.
Aclientirethe[.]xyz is a rogue webpage, similar to captchafilter.top, onestoreblog.com, watch-this-viral.video, and thousands of others. It operates by presenting visitors with dubious content, pushing its browser notifications, and/or redirecting users to various (likely untrustworthy and malicio
Domain Quality is a rogue browser extension promoted as a tool for quickly checking a website's reputation. This piece of software operates as adware, i.e., runs intrusive advertisement campaigns. Additionally, since most users download/install adware-type products inadvertently, they are also cat
Alkhal encrypts files and creates two ransom notes ("ReadMe.txt" and "Recovery.bmp") containing identical text. The purpose of Alkhal ransomware is to keep files inaccessible until a ransom is paid. Its ransom notes provide instructions on how to contact cybercriminals for payment information.
Yourhotfeed[.]com opens shady websites and asks for permission to show notifications. Users do not open yourhotfeed[.]com intentionally. Most likely, it is promoted via potentially unwanted applications (PUAs), shady ads, or other dubious pages. Yourhotfeed[.]com is similar to eruthoxup[.]com, one
VICE SOCIETY is a ransomware-type program. It encrypts data (renders files inaccessible) and demands ransoms for the decryption (access recovery). Encrypted files are appended with a ".v-society.[victim's_ID]" extension. For example, a file initially titled "1.jpg" would appear as something simil
Keq4p is a malicious program categorized as ransomware. It operates by encrypting data (rendering files unusable) and demanding ransoms for the decryption. Affected files are appended with the ".[random_string].keq4p" extension, e.g., a file like "1.jpg" would appear as something similar to "1.jp
Nicyaboyenan[.]com is a website that uses scare tactics to trick visitors into installing some potentially unwanted application (PUA). Usually, websites of this type display fake virus notifications claiming that a device is infected and offer to remove detected malware with some app. Th
Secure-support[.]space is a deceptive website running various scams. At the of research, this page ran a scheme targeting iPhone users. The scam claims that visitors' iPhones have been infected and recommends installing a free protection tool. Typically, such schemes push untrustworthy software
Zvw5k encrypts files and modifies their filenames. It adds a string of random characters and the ".zvw5k" extension to filenames. For instance, Zvw5k renames "1.jpg" to "1.jpg.NZ4g08eQk3TfLo_4PSAQQ7ff0o9pcKspQmt1rhxGnTj_IAC1NfcI0680.zvw5k", "2.jpg" to "2.jpg.NZ4g08eQk3TfLo_4PSAQQ7ff0o9pcKspQmt1rhx