RansomExx encrypts files and modifies their filenames by appending a specific extension, which depends on the target name (for example, the name of the organization). Cyber criminals have used this ransomware to attack the Texas Department of Transportation. In this case, encrypted files had the
There are many technical support scam websites claiming to be official Microsoft (or other company) websites and claiming that the computer is blocked, infected, or another problem needs to be solved immediately. Commonly, these web pages display pop-up windows instructing potential victims to ca
Streaming plus is a browser hijacker that promotes quicknewtab.com, a fake search engine. Typically, apps of this type promote fake search engines by changing browser settings without users' permission. Browser hijackers also collect browsing data and other information. In most cases, users down
myniceposts[.]com is similar to fastsolvecaptcha[.]com, kersatur[.]online, yourwownewz[.]com, and many other rogue websites: it loads dubious content and promotes other websites of this kind. Users often visit sites such as myniceposts[.]com unintentionally - they are opened by installed potential
The rogue program was discovered by MalwareHunterTeam. As its name suggests, screen-locker ransomware is a type of malware that prevents victims from accessing the operating system by locking the screen. It then demands payment to unlock the screen. This particular screen locker displays a full-s
The Disk Tuner app scans Mac computers for duplicate files, junk files, installed software, and offers removal of unwanted items to free up disk space. In fact, developers might distribute this app using dubious methods, thereby increasing the chance that some users could download and install it
Hello (WickrMe) ransomware encrypts files and appends the ".hello" extension. For example, "1.jpg" is renamed to "1.jpg.hello", "2.jpg" to "2.jpg.hello", and so on. It also creates a ransom message within the "Readme!!!.txt" text file, which contains instructions about how to contact the developer
DLVPlayer is distributed via a fake Adobe Flash Player installer and, therefore, many users install it inadvertently. Apps that are distributed by dubious means (as is the case with DLVPlayer) are categorized as potentially unwanted applications (PUAs). Note that fake installers can install var
JJLF belongs to the Matrix ransomware family. It encrypts files and replaces their filenames with the JamesGouldiHip@yahoo.com email address, a string of random characters, and the ".JJLF" extension. For example, "1.jpg" is renamed to "[JamesGouldiHip@yahoo.com].1dot11Ov-VDHRLLyL.JJLF", "2.jpg" t
systemtechnotify[.]com is a deceptive website posing as an Apple page and displaying fake virus warnings. Its main purpose is to trick users into downloading and installing a potentially unwanted application (PUA), which supposedly removes "detected" malware. Note that Apple and other legitimat