Hello (WickrMe) ransomware encrypts files and appends the ".hello" extension. For example, "1.jpg" is renamed to "1.jpg.hello", "2.jpg" to "2.jpg.hello", and so on. It also creates a ransom message within the "Readme!!!.txt" text file, which contains instructions about how to contact the developer
DLVPlayer is distributed via a fake Adobe Flash Player installer and, therefore, many users install it inadvertently. Apps that are distributed by dubious means (as is the case with DLVPlayer) are categorized as potentially unwanted applications (PUAs). Note that fake installers can install var
JJLF belongs to the Matrix ransomware family. It encrypts files and replaces their filenames with the JamesGouldiHip@yahoo.com email address, a string of random characters, and the ".JJLF" extension. For example, "1.jpg" is renamed to "[JamesGouldiHip@yahoo.com].1dot11Ov-VDHRLLyL.JJLF", "2.jpg" t
systemtechnotify[.]com is a deceptive website posing as an Apple page and displaying fake virus warnings. Its main purpose is to trick users into downloading and installing a potentially unwanted application (PUA), which supposedly removes "detected" malware. Note that Apple and other legitimat
The ActivePower application generates advertisements and modifies browser settings to promote a fake search engine. Additionally, it is likely to gather browsing-related details and other data. Therefore, ActivePower is classified as adware and a browser hijacker. People usually download and in
Bitcoin Mining Machine is a legitimate cryptocurrency miner, however, there is a fake miner with the same name on the internet. Unsuspecting users who download and install the fake miner actually install malicious software called RedLine, an information stealer with the capability to install addit
OptimalUnit functions as adware and as a browser hijacker. More precisely, it generates advertisements and makes changes to browser settings to promote a fake search engine. This app also continually collects details relating to users' browsing activities and other information. Users often down
All mypage is a browser hijacker that promotes keysearchs.com, a fake search engine. Typically, apps of this type achieve this by changing certain browser settings. All mypage can read browsing history and potentially other data as well. In most cases, browser hijackers are downloaded and install
Quick Search Tool is a rogue application categorized as a browser hijacker. It operates by making changes to browsers to promote quicksearchtool.com (a fake search engine). This browser hijacker also has data tracking capabilities, which are employed to monitor users' browsing habits. Furthermore
OSAMiner is a cryptocurrency miner, a Monero mining Trojan that uses run-only AppleScripts targeting Mac computers. OSAMiner was first detected in 2015 and is still successfully used by cyber criminals due to its complex structure (use of run-only AppleScript files), which prevents researchers