Simple Tab is a browser hijacker that promotes the searchemoji.club fake search engine. Software of this type typically promotes search engines by making modifications to browser settings, however, Simple Tab does not always modify browser in this way (see below). Additionally, Simple Tab monitors
Sextortion emails are scams whereby scammers claim to have hacked into computers and recorded humiliating videos of recipients watching adult videos. Generally, scammers threaten to send the videos to other people on their contact lists unless recipients pay ransoms (usually in cryptocurrencies).
anitube[.]site is an untrusted anime streaming website. As well as infringing copyright laws, this site uses rogue advertising networks. Web pages that employ this monetization technique promote various dubious, misleading, deceptive/scam, and even malicious sites. Therefore, you are strongly advi
BKGHJ is a malicious program that belongs to the Makop ransomware group. Systems infected with this malware have their data encrypted, the filenames of affected files are altered, and victims receive ransom demands for decryption. During encryption, files are renamed following this pattern: origi
People do not often download or install the OriginalModule app intentionally, since its installer is disguised as the Adobe Flash Player installer. Therefore, OriginalModule is categorized as a potentially unwanted application (PUA). This app is designed to modify browser settings (to promote a
Sn0wsLogger is malicious software, which is classified as a stealer. The primary purpose of this type of malware is to steal various sensitive and confidential information. Stealers have various capabilities, enabling them to carry out this purpose, however, in addition to being a serious privacy
VASA LOCKER is designed to prevent victims from accessing or using their files by employing SHA256 hashing, ChaCha8 encryption, ECDH key generation, and an algorithm to encrypt files and secure its keys. VASA LOCKER also renames each encrypted file by appending the ".__NIST_K571__" extension to f
UpdaterSync is an adware-type app with browser hijacker traits. It operates by running intrusive advertisement campaigns (i.e., delivering ads) and making modifications to browsers to promote fake search engines. Due to the dubious methods used to proliferate UpdaterSync, it is also categorized
Cring encrypts files and appends the ".cring" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.cring", "2.jpg" to "2.jpg.cring", and so on. Cring also creates a ransom message within a text file named "!!!!deReadMe!!!.txt", dropoing this file into all folders that contain encrypt
Adware generates unwanted advertisements, however, ProcessBrand also functions as a browser hijacker, changing browser settings to promote a fake search engine address. It is likely that ProcessBrand also gathers browsing data and other information. These apps are often downloaded and installed