Discovered by GrujaRS, XNMMP is another variant of CONTI ransomware. Note that XNMMP itself also has at least two versions. One renames encrypted files by appending the ".XNMMP" extension to their filenames, whilst another appends the ".TJODT" extension. For example, "1.jpg" is renamed to "1.jpg.
Discovered by malware researcher S!Ri, LolKek is a new variant of the BitRansomware ransomware-type malicious program. It is designed to encrypt the data of compromised systems in order to make ransom demands for decryption tools/software. During the encryption process, files are appended with the
Duncan Engineering Limited is a legitimate company, however, some cyber criminals use its name within their malspam campaigns. Generally, cyber criminals behind malspam attempt to trick recipients into opening a malicious attachment or a file, which can be downloaded via the provided website link.
259 ransomware blocks access to files by encryption. It also renames all encrypted files, displays a pop-up window, and creates the "FILES ENCRYPTED.txt" text file. 259 renames files by adding the victim's ID, 259461356@qq.com email address and appending the ".259" extension to filenames. For exa
ScalableRemote is rogue software categorized as adware. It also possesses browser hijacker characteristics. Following successful installation, this application runs intrusive advertisement campaigns and makes modifications to browsers to promote fake search engines. Additionally, most adware-ty
LogarithmicEntry functions not only as adware (advertising-supported software) but also as a browser hijacker. It serves advertisements and promotes the address of a fake search engine by modifying certain browser settings. It might also be capable of collecting browsing-related or even sensitiv
Viper is a malicious program classified as ransomware. It is based on the Hidden Tear (HiddenTear) open-source project. Systems infected with Viper ransomware experience data encryption and users receive ransom demands for decryption. During the encryption process, all affected files are renamed
This application has nothing to do with the official, legitimate Google Docs extension. It is classified as adware and designed to promote various dubious websites. The initial redirects caused by this adware typically start with the "blob:https://p6vh.com" website which, in turn, redirects elsewh
oceanbefo[.]top is a rogue website sharing many similarities with newscatch24.com, rex-news.org, samizdat-philosophy.com and thousands of others. Once accessed, this site presents visitors with dubious content and/or redirects them to other untrusted or possibly malicious web pages. Few users acc
Sharing many similarities with hesterinoc.info, cicort.com, overiesarticu.info and countless others, rdsb2[.]club is a rogue website. It presents visitors with dubious content and/or redirects them to other untrusted, deceptive or malicious pages. Typically, users access rdsb2[.]club and similar