CinaRAT is a Remote Administration Trojan that is very similar to another RAT called Quasar. Typically, RATs allow the attackers to access and control infected machines remotely. After successful installation, cyber criminals can use CinaRAT to manage files, access Command Prompt, Task Manager, a
My Smartlink is a browser hijacker that promotes the tailsearch.com fake search engine. Typically, software of this type makes changes to browser settings to promote search engines, however, My Smartlink does not actually modify browsers when promoting tailsearch.com (see below). Additionally, th
Discovered by xiaopao, HDLocker is a data-encrypting malware. Due to this malicious program's modus operandi, it is classified as ransomware. Malware of this type is designed to encrypt data (i.e., render files inaccessible and useless), typically for the purpose of making ransom demands for decry
omingple[.]top is a rogue website. When accessed, it presents visitors with dubious material and/or redirects them to other untrusted and possibly malicious sites. The The internet is full of these bogus web pages - lcutterlyba.top, greemed.top, and blackfr1dayz.com are just some examples. These
LOTUS is a type of malware that blocks access to files by encryption and keeps them in this state until a ransom is paid. After installation, it displays a message demanding a ransom payment in a pop-up window and creates the "MANUAL.txt" text file (another ransom message). LOTUS also renames enc
"Order Error" is an spam email campaign. This term defines a mass-scale operation during which thousands of deceptive emails are distributed. There are several variants of the "Order Error" scam emails, however, the messages are thematically identical. They are presented as messages sent by a wron
Word is a malicious program belonging to the Dharma ransomware family. It operates by encrypting (locking) files (making them inaccessible to victims) in order to demand payment for decryption. When Word ransomware encrypts data, all affected files are renamed following this pattern: original fil
Ransomware is a type of malware that cyber criminals use to encrypt files and then demand payment to unlock and decrypt them. In summary, victims of ransomware attacks cannot access or use files unless they pay a ransom. Usually, ransomware renames encrypted files and creates a ransom message. Yg
lcutterlyba[.]top and other pages of this kind are promoted through deceptive advertisements, rogue web pages, various unwanted apps, and so on. Users do not often visit them intentionally. Note that lcutterlyba[.]top and similar sites contain dubious content and promote other bogus websites. Mor
greemed[.]top is a dubious site, sharing many similarities with blackfr1dayz.com, goldeneraaudio.org, load28.biz, and countless others. Visitors to this website are presented with dubious content and/or are redirected to other untrusted/malicious pages. The greemed[.]top web page is rarely access