Nomad is a malicious program that belongs to the Dharma ransomware family. It is designed to encrypt data (render files inaccessible) and demand ransoms for the decryption. Affected files are renamed following this pattern: initial filename, unique ID assigned to the victim, cyber criminals' emai
Centralheat[.]me is designed to trick visitors into allowing it to show notifications. It uses a clickbait technique for that. Also, centralheat[.]me is used to promote questionable websites. This page shares similarities with plenty of other pages, for example, fast-travel[.]org, joaglouwulin[.]c
Rigd is part of the Djvu ransomware family. This variant encrypts files and appends the ".rigd" extension to their filenames (for example, it changes "1.jpg" to "1.jpg.rigd", "2.jpg" to "2.jpg.rigd"). Instructions on how to contact the attackers and other details are provided in the "_readme.txt"
"Voicemail email scam" refers to a spam campaign - a mass-scale operation during which thousands of deceptive emails are sent. The letters distributed through this campaign - are disguised as notifications concerning a new voicemail. This spam mail aims to promote a phishing website designed to r
Social Network Ad Blocker is a rogue browser extension endorsed as a tool for eliminating ads from social networking and social media platforms. However, this piece of software operates as adware. Furthermore, software products within this classification are also considered to be PUAs (Potentially
Porn is a ransomware-type program. It operates by encrypting data (rendering files unusable) and demanding ransoms for the decryption. During the encryption process, affected files are appended with a ".porn" extension. To elaborate, a file like "1.jpg" would appear as "1.jpg.porn", and so on. Af
SmartDivision is an adware-type app with browser hijacker traits. Furthermore, due to the dubious methods used to spread products within these classifications, they are also deemed to be PUAs (Potentially Unwanted Applications). Adware delivers pop-ups, banners, coupons, and other intrus
Koxic prevents victims from accessing files by encrypting them and appends the ".KOXIC_PLCAW" extension to filenames. For example, it renames "1.jpg" to "1.jpg.KOXIC_PLCAW", "2.jpg" to "2.jpg.KOXIC_PLCAW". Koxic also creates the "WANNA_RECOVER_KOXIC_FILEZ_PLCAW.txt" file, a ransom note. Screen
Cyber is a ransomware-type program. It is designed to encrypt data (render files inaccessible) and demand payment for the decryption. Affected files are appended with a ".cyber" extension. For example, a file initially titled "1.jpg" would appear as "1.jpg.cyber", and so on for all of the encrypte
FunctionServer generates advertisements and promotes a fake search engine (hijacks a web browser by modifying its settings). It is distributed using deceptive methods. Therefore, it is unlikely for this application to be downloaded and installed by users on purpose. Apps of this kind are called