SocksBot is backdoor-type malware: it creates a 'backdoor' for other malicious programs to infiltrate. I.e., following successful infiltration, SocksBot can download/install additional malware. Backdoors such as SocksBot are used to infect devices with all manner of malicious software such as Tro
DriverScape is untrusted software, endorsed as a tool for identifying missing and outdated drivers, and then installing/updating them. DriverScape's website claims to have a well-organized database, which contains various drivers from official sources. The application also claims to have various p
Enel is an Italian manufacturer and distributor of electricity and gas. There are multiple variants of phishing and malspam emails that are currently circulating and claiming to be from this company. Cyber criminals behind these emails attempt to trick recipients into providing sensitive informati
GameSearcher is dubious software classified as a browser hijacker. It operates by making alterations to browser settings to promote game-searcher.com (a fake search engine). Additionally, GameSearcher collects browsing-related information, which makes it a serious privacy concern. Due to the dubi
MILIHPEN belongs to the family of ransomware called NEFILIM and was discovered by MalwareHunterTeam. MILIHPEN is a form of malware that encrypts files to prevent victims from using or accessing their data unless a ransom is paid. In most cases, ransomware not only encrypts files but also renames
TomLe is malicious software, which is part of the Dharma ransomware group. It operates by encrypting data and demanding payment for decryption. During the encryption process, files are renamed according to this pattern: original filename, unique ID assigned to the victim, cyber criminals' email a
Us1 is a malicious program belonging to the MedusaLocker ransomware family. This malware operates by making files inaccessible and redundant by encryption, in order to demand ransoms for decryption. When Us1 encrypts data, files are appended with the ".us1" extension. For example, a file original
This website is advertised as a console to redirect unconfirmed Bitcoin cryptocurrency transactions to the provided BTC wallet. No less than two antivirus scanners on VirusTotal detected this as a phishing website. Research shows that the site also contains a login form, which could be used to st
Potentially unwanted applications (PUAs) are commonly distributed using installers for other apps of this type. In other words, this software is often bundled with additional unwanted and/or malicious applications. Hence, in some cases, a deceptive installer (e.g., fake Adobe Flash Player updater
videogate1[.]com is an untrusted web page that users do not often visit intentionally. Usually, these pages are opened by clicking deceptive ads, while visiting other bogus web pages, or they are opened by browsers with potentially unwanted applications (PUAs) installed. There are many websites s