Thanos was discovered by GrujaRS. This ransomware encrypts files, modifies filenames and generates a ransom message. It renames files by appending the ".locked" extension. Therefore, after encryption, "1.jpg" is renamed to "1.jpg.locked", "2.jpg" to "2.jpg.locked", and so on. Thanos creates the "
SmartSearch is a potentially unwanted application (PUA) that serves advertisements and modifies browser settings. It might also collect browsing data and other information. In this way, SmartSearch functions both as adware and a browser hijacker. These apps are rarely downloaded by users intent
veadoles[.]online is the address of a rogue website, designed to present visitors with dubious content and/or redirect them to other bogus or possibly malicious websites. The internet is full of web pages similar to veadoles[.]online - cenesserie.fun, indexspotcaptcha.com, special-breaking.news,
GameSearchMedia is dubious software designed to modify browser settings to promote gamesearchmedia.com (a fake search engine). Due this, GameSearchMedia is classified as a browser hijacker. Additionally, this rogue app gathers browsing-related information. Since most users download/install browse
Mifr is designed to encrypt victims' files, modify their filenames and create the "!INFO.HTA" file (ransom message) in each folder that contains at least one encrypted file. Mifr renames files by adding the hiden_pro@aol.com email address, victim's ID, and appending the ".mifr" extension. For exa
SmartControl is an adware-type application with browser hijacker traits. Once successfully infiltrated into systems, this app begins running intrusive advertisement campaigns and makes modifications to browser settings to promote fake search engines. In addition, most adware-type apps and brows
Users do not generally visit sonoffer[.]online or similar sites intentionally - they are redirected to them via other dubious websites, deceptive advertisements, or their browsers have potentially unwanted applications (PUAs) installed on them. Some examples of other pages similar to sonoffer[.]o
4KMovieSearch is dubious software classified as a browser hijacker. It modifies browser settings to promote 4kmoviesearch.com (a bogus search engine). Additionally, most browser hijackers have data tracking capabilities, which are employed to monitor users' browsing activity. Due to the dubious t
Booa belongs to the Djvu ransomware family. It prevents victims from accessing their files by encryption and creates a ransom message ("_readme.txt" file) that contains details such as cost of decryption software and key and how to contact cyber criminals. Booa also renames files by appending the
CTRM ransomware encrypts files and renames them. It also creates the "CTRM_INFO.rtf" file (ransom message) in all folders that contain encrypted files. CTRM renames files by replacing their filenames with the citrteam@yahoo.com email address, a string of random characters, and appending ".CTRM" as