Mmpa belongs to the Djvu ransomware family. It encrypts files, renames them by appending its extension, and drops a ransom message in all folders containing encrypted files. Mmpa appends the ".mmpa" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.mmpa", "2.jpg" to "2.jpg.mmpa", a
PDFt Search is rogue software classified as a browser hijacker. Following successful installation, it makes modifications to browser settings to promote find.pdftsearch.net (a fake search engine). PDFt Search also adds the "Managed by your organization" feature to Google Chrome browsers. Most bro
See_read_me is a new variant of Adhubllka ransomware. This particular variant was discovered by xiaopao. It encrypts files, modifies their filenames and creates a ransom message. See_read_me renames files by appending the ".see_read_me" extension to filenames. For example, "1.jpg" is renamed to "
Cpmlink[.]net is an untrusted website offering URL (website address) shortening services. This site uses rogue advertising networks and, therefore, visitors to cpmlink[.]net might be presented with dubious advertisements and redirected to other bogus and even malicious websites. These unwanted ad
404 Keylogger is software designed to record key strokes, recover account passwords and otherwise monitor users' activity. 404 Keylogger is promoted as a legitimate tool for various businesses and for companies to track client/customer activity (with consent) and an "educational" tool to aid learn
RAGNAROK (.thor) is a new variant of Ragnarok ransomware. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. During the encryption process, all affected files are appended with a random character string and the ".thor" extension. For exa
Default Search hijacks web browsers by modifying certain settings (assigning them to find.defaultsearch.info). In this way, it promotes a fake search engine. If installed on Google Chrome, Default Search adds the "Managed by your organization" feature as well. Additionally, this browser hijacker
Memorama is a game designed for people who wish to improve their memorization skills. It uses an in-game currency called Cristales, a certain sum of which can be purchased using the Memorama in-app purchase feature. In fact, there are various websites offering to generate Cristales free of charge.
MarketService is an adware-type application with browser hijacker traits. Following successful installation, it delivers intrusive advertisement campaigns, makes modifications to browser settings and promotes fake search engines. MarketService promotes 6v5f3l.com on Safari browsers and search.lo
RedDelta is the name of a threat activity group targeting the Vatican and Catholic Church-related, and some non-governmental, organizations. Research shows that the group uses malware variants for their attacks, one of which is a modified variant of PlugX referred to as RedDelta PlugX. Other known