K2 belongs to the VoidCrypt ransomware family. Ransomware is a type of malware that prevents victims from accessing the operating system and/or files and demands ransom payments. In most cases, this malware renames encrypted files and provides contact details and/or payment information within rans
IncognitoSearcher is dubious software categorized as a browser hijacker. It operates by making changes to browser settings to promote incognitosearcher.com (a fake search engine). In addition, most browser hijackers monitor users' browsing habits, and it is likely that IncognitoSearcher is no exce
GetSearchConverter modifies web browser settings and redirects users to getsearchconverter.com. I.e., it forces people to use this fake search engine. GetSearchConverter also reads the browsing history. Typically, users do not download or install browser hijackers intentionally and, for this reaso
Discovered by malware researcher S!Ri, CARLOS is a malicious ransomware program that operates by encrypting the data of infected systems and demanding ransoms to be paid for decryption tools/software. During the encryption process, all affected files are renamed according to the following pattern
Torrentfunk[.]com is a torrent website that contains dubious ads and redirects users to other bogus web pages using rogue advertising networks. Note that torrenting is not illegal, however, downloading copyrighted content is, and it is likely that torrentfunk[.]com contains such content. B
GetIncognitoSearch promotes a fake search engine (getincognitosearch.com). Like most browser hijackers, it achieves this by making certain changes to browser settings. Additionally, it is likely that GetIncognitoSearch gathers browsing-related details and other information. Frequently, users down
torrentgalaxy[.]to is an untrusted Torrent website, which uses rogue advertising networks. This is a common monetization technique and operates by promoting (i.e. force-opening/causing redirects to) various dubious and malicious sites. In addition to the threats posed by visiting the promoted web
moderation-support[.]network is one of many deceptive pages that scammers use to trick visitors into installing various potentially unwanted applications (PUAs). When visited, these web pages display a fake notification stating that the device is infected (and/or damaged) and that it can be fixe
"Message attachments were delayed" refers to a spam email campaign. The term "spam campaign" refers to a mass-scale operation, during which thousands of scam emails are sent. These deceptive messages claim that several email attachments have been delayed and were not delivered to the inbox. To ac
Typically, apps such as LivePDFSearch force users to visit a specific web address. This browser hijacker promotes livepdfsearch.com, the address of a fake search engine by modifying certain browser settings. It can also read browsing-related information. Users often download and install browser h