Poison is the name of malware designed to encrypt files, append the ".poison" extension to their filenames, and display a pop-up window and the "___RECOVER__FILES__.poison.txt" file containing a ransom note. For instance, it renames a file named "1.jpg" to "1.jpg.poison", "2.jpg" to "2.jpg.poison"
Landingpagesecure[.]com is a website promoting various scams. At the time of research, this page ran a scam claiming that visitors' Apple mobile devices had been infected. Most schemes of this type aim to endorse untrustworthy software, e.g., fake anti-viruses, adware, browser hijackers, and ot
Sharing similarities with ositieonthat.space, news-hoyisa.cc, emoxan.xyz, and many others, captcha-smart[.]top is a rogue site. It is designed to present visitors with dubious content and/or redirect them to different (likely unreliable or malicious) webpages. Users typically enter rogue sites vi
The purpose of uboungera[.]com is to get permission to show notifications and promote questionable websites. There are hundreds of pages like uboungera[.]com, for example, yarriedstron[.]xyz, news-hoyisa[.]cc, and stream-best-vid[.]com. Uboungera[.]com asks for permission to show notificat
Yverworkedt[.]xyz uses a clickbait technique to get permission to show notifications and promotes shady websites. It is uncommon for pages like yverworkedt[.]xyz to be visited on purpose. Most of them are promoted through potentially unwanted apps (PUAs), dubious ads, other shady pages. Yv
Ositieonthat[.]space is a rogue website sharing common traits with news-hoyisa.cc, financesurvey24.top, aclientirethe.xyz, and countless others. It is designed to host dubious content and/or redirect visitors to various (typically, unreliable or malicious) sites. Rogue webpages are seldom accesse
1aevj is a piece of malicious software classified as ransomware. It operates by encrypting data (rendering files unusable) and demanding ransoms for the decryption. Encrypted files are appended with a random character string and a ".1aevj" extension. For example, a file initially titled "1.jpg" w
Aram is part of the VoidCrypt ransomware family. It encrypts files, changes their filenames, and creates the "Decrypt-info.txt" file (ransom note). Aram renames files by appending the dataunlock@criptext.com email address, a string of random characters and the ".Aram" extension. For example, it r
Yifymovies[.]pro is an illegal streaming and video download site. It infringes copyright laws and endangers device/user safety through its use of rogue advertising networks. These networks promote various untrustworthy and even malicious webpages - visiting and using which can lead to a variety of
Encrypt is the name of a malicious program belonging to the VoidCrypt ransomware family. It is designed to encrypt data and demand ransoms for the decryption. In other words, this ransomware renders files inaccessible and asks victims to pay - to restore access to their data. Affected files are r