SanwaiWARE is a piece of malicious software classified as ransomware. It operates by encrypting data (rendering files inaccessible) and demanding payment for the decryption (access recovery). During the encryption process, files are renamed - their original extension is removed and they are appen
320ytmp3[.]com offers users to download YouTube videos in MP3 format. It is known that this site uses rogue advertising networks - 320ytmp3[.]com opens shady websites and can have dubious ads on it. It is worth mentioning that downloading videos from the YouTube platform breaches its terms of serv
Kb2j4 encrypts and renames files by appending a string of random characters and the ".kb2j4" extension. For example, it renames "1.jpg" to "1.jpg.Ge1wMvvmzKscu80EPt8JMO9zC-0HiOqqh-zaaMgSL9vkuGtyKhVlaN-P-zQwJ1oQ.kb2j4", and so on. It also creates the "EtbD_HOW_TO_DECRYPT.txt" text file (a ransom no
GeneralAnalog is an adware-type app with browser hijacker qualities. Due to the questionable methods used to distribute software products within these classifications, they are also deemed to be PUAs (Potentially Unwanted Applications). Adware delivers various pop-ups, banners, coupons,
SampleCheck generates revenue for its developer by displaying ads and promoting a specific website (fake search engine). Most users download and install advertising-supported software and browser hijackers like SampleCheck unknowingly. Thus, SampleCheck and similar apps are categorized as potent
"Covid-19 stimulus payment Email Scam" refers to a spam campaign. These scam emails claim to contain the receipt of a COVID-19 stimulus payment. Instead, the fake letters have a phishing file attached to them. This attachment attempts to trick users into disclosing their email account log-in crede
The purpose of emails used to deliver malware is to trick recipients into opening a malicious file. Usually, these emails are disguised as letters from legitimate institutions, companies, or other entities. This particular malspam campaign is used to distribute a malicious VBS script. This e
Mp3convert[.]cc is a rogue site capable of converting videos hosted on various online platforms (e.g., YouTube, Facebook, Instagram, etc.) to downloadable MP3 audio files. This website infringes copyright laws and endangers device/user safety. Mp3convert[.]cc uses rogue advertising networks, whic
MME encrypts files and appends the ".MME" extension to their filenames (for example, it renames "1.jpg" to "1.jpg.MME", "2.jpg" to "2.jpg.MME"). MME also creates the "Read_Me.txt" file (a ransom note) containing instructions on how to contact the attackers. Screenshot of a message encouraging
TopADSBlockSearch is a rogue browser extension. It modifies browsers and promotes the topadsblock.com fake search engine; due to this - it is categorized as a browser hijacker. Furthermore, the questionable methods used to distribute browser hijackers also classify them as PUAs (Potentially Unwant