This ransomware was discovered by xiaopao. Rastar encrypts files and appends the ".rastar" extension to their filenames. For example, "1.jpg" is renamed to "1.jpg.rastar", "2.jpg" to "2.jpg.rastar", and so on. Rastar also creates a ransom message within the "HOW_TO_DECYPHER_FILES.txt" file, which
SearchConverterBox is a browser hijacker that modifies browser settings by assigning some of them to searchconverterbox.com. Like most apps of this type, it is likely that SearchConverterBox also collects information. Typically, users do not download or install browser hijackers intentionally and
Sharing many similarities with npolicito.online, roboverify.xyz, emindeed.top and thousands of others, enhesita[.]online is a rogue website. Visitors to this site are presented with dubious material and/or are redirected to other deceptive and possibly malicious websites. Typically, users access
Horizon is malicious software belonging to the Voidcrypt ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption tools. During the encryption process, files are renamed following this pattern: original filename, cyber crimina
"EniGaseLuce email virus" refers to a spam campaign, spreading the Ursnif trojan. The term "spam campaign" defines a mass-scale operation, during which thousands of deceptive emails are sent. The scam emails distributed through this campaign, claim that recipients have an unpaid bill for the servi
dozki[.]pro is virtually identical to roboverify[.]xyz, nwithough[.]top, sbecome[.]online and many other web pages. All promote (open) other bogus pages or load dubious content. Users do not often visit these sites intentionally. Commonly, these bogus web pages are promoted via potentially unwant
Mpr is malware that belongs to the family of ransomware called Dharma. It encrypts files and renames them by adding the victim's ID, meterpreter@null.net email address, and appending the ".mpr" extension. For example, "1.jpg" is renamed to "1.jpg.id-C279F237.[meterpreter@null.net].mpr", "2.jpg" t
Decent web is rogue software, promoting tailsearch.com (a fake search engine). Programs that operate in this manner are classified as browser hijackers, since they typically promote bogus search engines by making modifications to browser settings. In fact, Decent web does not actually modify brows
Typically, users do not install or download apps like TotalSearchFunction intentionally. This particular app is distributed via a deceptive installer (a fake installer for Adobe Flash Player). Therefore, TotalSearchFunction is categorized as potentially unwanted application (PUA). This app serv
npolicito[.]online is a rogue site, sharing similarities with roboverify.xyz, sbecome.online, emindeed.top and many others. Once this web page is visited, it presents users with dubious content and/or redirects them to other untrustworthy or possibly malicious websites. Visitors to these rogue pa