LearningActivity is an adware-type application with browser hijacker traits. Following successful installation, it delivers intrusive ad campaigns and makes modifications to browser settings to promote bogus search engines. Additionally, most adware-type apps and browser hijackers collect browsi
LCK is a malicious program belonging to the Dharma ransomware family. This particular program encrypts files, renames them, displays a pop-up window, and creates the "FILES ENCRYPTED.txt" text file. LCK renames files by adding the victim's ID, triplock@tutanota.com email address and ".LCK" extensi
Slfyvggi is malicious software belonging to the Snatch ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption. During the encryption process, all affected files are appended with the ".slfyvggi" extension. For example, a fil
Commonly, newscatch24[.]com and similar sites are opened by browsers that have potentially unwanted applications (PUAs) installed. PUAs also serve advertisements and collect data. Note that these apps are classified as PUAs because, in most cases, users download and install them inadvertently. Mo
Wowbrowse is a typical browser hijacker - it promotes a fake search engine( in this case, tailsearch.com) and forces users to visit this address at certain times. Additionally, it can read browsing data. Apps such as Wowbrowse are classified as potentially unwanted applications (PUAs), since users
Sharing similarities with samizdat-philosophy.com, revoluciondron.com, houstontexansteamstore.com and countless others, rex-news[.]org is a rogue website. This web page operates by presenting visitors with dubious content and/or redirecting them to other similarly untrusted or possibly malicious s
Crypt is a malicious program belonging to the Dharma ransomware group. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. During the encryption process, files are renamed following this pattern: original filename, unique ID assigned to th
Chromium Shield is a rogue browser based on a legitimate, open-source project called Chromium. This piece of software is endorsed as supposedly capable of providing safe, secure and fast browsing. Amongst its listed features are: free VPN; advertisement blocking; protection against tracking, surv
MessedUp is part of the Phobos ransomware family. It encrypts files, modifies their filenames, displays a ransom message and creates a text file (containing another ransom message). MessedUp renames encrypted files by adding the victim's ID, ICQ username (to contact the developers), and appending
Typically, users arrive at web pages such as samizdat-philosophy[.]com via deceptive ads, untrusted pages or when they are opened by potentially unwanted applications (PUAs) installed on browsers or operating systems. Note that PUAs can display ads and gather certain information (e.g., browsing da