Firmadatalari is a malicious program from the Scarab ransomware family. Like most ransomware-type programs, it encrypts and renames files, and creates a ransom message. Firmadatalari renames files by replacing their filenames with a string of ransom characters and appending the ".firmadatalari" ex
Spark Search is a browser hijacker which promotes tailsearch.com, a fake search engine. It can also read browsing history. Typically, users download and install browser hijackers inadvertently and, therefore, they are classified as potentially unwanted applications (PUAs). Typical browser hi
Keysite is rogue software categorized as a browser hijacker. Following successful infiltration, Keysite begins promoting keysearchs.com (a fake search engine). Browser hijackers typically promote bogus search engines by making modifications to browser settings, however, Keysite operates in this ma
securitymobile[.]club is one of many deceptive websites that display fake virus alerts, errors, and other notifications. The main purpose of these web pages is to trick visitors into downloading and installing potentially unwanted applications (PUAs) that will supposedly solve the detected probl
"Email Quarantine" refers to a phishing spam email campaign. The term "spam campaign" is used to define a mass-scale operation, during which thousands of deceptive emails are sent. The messages distributed through the "Email Quarantine" campaign claim that users have several incoming emails, which
Scammers behind lottery scams send notifications stating that the recipient has won some money or another prize. Typically, they send such notifications via email, text messages, and social media. They exploit names of existing lottery companies/organizations to deceive users into believing that
F0xis a malicious program that is part of the Xorist ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption. During the encryption process, all affected files are appended with the ".f0x" extension. For example, a file origi
Belonging to the Snatch ransomware family, Uhofbgpgt encrypts files, modifies their filenames, and creates a ransom message. Uhofbgpgt renames encrypted files by appending the ".uhofbgpgt" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.uhofbgpgt", "2.jpg" to "2.jpg.uhofbgpgt", a
Discovered by Lukáš Zobal, DUSK 2 is an updated variant of Dusk ransomware. This malware is designed to encrypt data and demand payment for decryption. During the encryption process, all affected files are appended with the ".DUSK" extension. For example, a file named something like "1.jpg" would
security-update-required[.]com is a deceptive website running various scams. At the time of research, this web page promoted two different schemes. The scams promoted on this site primarily target iPhone users, yet it is often accessed via other Apple devices as well. One variant claims visitor