"Payment Schedule email virus" refers to a malware-spreading spam campaign. The term "spam campaign" defines a mass-scale operation, during which thousands of deceptive/scam emails are sent. The messages distributed through this campaign are presented as notifications concerning a payment schedule
DoNotWorry is designed to encrypt files and modify filenames by prepending the elixuwaril@gmail.com email address, victim's ID, and appending the ".DoNotWorry" extension to them. For example, "1.jpg" is renamed to "[elixuwaril@gmail.com][id=C279F237]1.jpg.DoNotWorry", "2.jpg" to "[elixuwaril@gmail
BIOSAgentPlus is advertised as software that checks for BIOS updates, outdated drivers, and recommends updates. It also provides detailed information regarding currently installed BIOS and drivers. There is a possibility that this application is distributed using the 'bundling' method. Apps that
Today, COVID-19 is commonly used as the subject for various scams, including email phishing scams. Typically, cyber criminals behind them attempt to trick recipients into providing private, sensitive information. For example, social security numbers, credit card details, bank account numbers, and
DominantPartition is an adware-type app with browser hijacker characteristics. This application operates by running intrusive advertisement campaigns and making changes to browser settings to promote fake search engines. Additionally, most adware-type apps and browser hijackers collect browsing-
FPMPlayer is a potentially unwanted application (PUA) that is distributed using a fake Adobe Flash Player installer. In most cases, users download and install apps that are distributed using such methods inadvertently. Fake installers are often used to distribute multiple PUAs at once and, ther
"Burofax Online" refers to a spam email campaign spreading the Mekotio Trojan. The term "spam campaign" describes a large-scale operation, during which thousands of deceptive/scam emails are sent. The messages sent in this particular campaign are disguised as notifications concerning an unspecifi
Discovered by GrujaRS, Fcorp is based on open-source ransomware called Hidden Tear. Fcorp encrypts files and appends the ".fcorp" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.fcorp", "2.jpg" to "2.jpg.fcorp", etc. This ransomware also replaces the desktop wallpaper with its r
Discovered by GrujaRS, ByteLocker is a ransomware-type program based on the Hidden Tear (HiddenTear) open-source project. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. Typically, ransomware encrypts files and changes associated fi
ProductChannel displays advertisements, changes browser settings, and collects sensitive information. ProductChannel is a type of app that functions as adware, a browser hijacker, and data collector. These apps are often downloaded and installed by users unintentionally and, for this reason, th