DiStUrBeD is a malicious program belonging to the Xorist ransomware family. It operates by encrypting data (thereby making the files inaccessible) and demanding payment for decryption. During the encryption process, files are appended with the ".DiStUrBeD" extension. For example, a file originall
CopperStealer, also known as Mingloa, is a malicious program designed to steal sensitive/personal information. It also has the capability to cause chain infections (i.e., download/install additional malware). Significant activity of CopperStealer has been observed in Brazil, India, Indonesia, Pak
"Error Code: #0x564897" is a technical support scam run on various deceptive websites. This scheme has been observed being promoted via the Amazon AWS service. Scams of this type operate by informing users of (nonexistent) viruses detected on their devices to trick them into contacting fake tech
Typically, scammers behind technical support scam websites like this one try to trick visitors into believing that their devices are infected and calling the provided number to resolve the problem (remove viruses, errors). Scammers use these websites to trick users into paying for unnecessary f
Most users do not open pages such as news-hot[.]xyz intentionally - they are opened by browsers that have potentially unwanted applications (PUAs) installed on them, through deceptive ads and other dubious pages. These apps are classified as PUAs, since they are commonly downloaded and installed
PROM is a malicious program classified as ransomware. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools. I.e., the files are rendered inaccessible and victims are asked to pay to recover access to their data. During the encryption p
Ransomware is a type of malware that cyber criminals use to block victims from accessing their files. It encrypts files and keeps them unusable/inaccessible until they are decrypted with a software key that the attackers encourage to purchase from them. Hard ransomware encrypts and renames files
Tag Search (or TagSearch) is a browser hijacker promoting the search-land.com fake search engine. Typically, software within this category promotes bogus search engines by making alterations to browser settings, however, Tag Search does not always modify browsers when promoting search-land.com (se
Direct Search Online is an application that hijacks browsers by changing certain settings to search.directsearchonline.com, the address of a fake search engine. In addition to changing browser settings, many browser hijackers gather browsing-related information. Most users download and install a
"BAPATOH OFFSHORE SDN BHD" refers to a spam email campaign, a large-scale operation during which thousands of deceptive emails are sent. The scam messages distributed through this campaign are presented as quotation requests. These emails promote a phishing website disguised as an Excel document