Shifu is banking malware, is a sophisticated piece of malicious software designed to steal banking-related information stored in, or accessed through, infected systems. It has been observed targeting banks and wealth management firms (primarily in Japan and the United Kingdom), however, attacks t
QuilMiner is a cryptocurrency miner, which operates on computers with NVIDIA, AMD GPUs and x32, x64 CPUs. This miner is promoted on hacker forums. Cyber criminals attempt to trick people into installing it so that they can use their computers (hardware) to generate revenue. If there is reason to
TinyChill is a browser hijacker endorsed as a tool capable of improving the browsing experience. It modifies browsers to promote feed.tinychill.com, a fake search engine. Additionally, TinyChill has data tracking capabilities, which are employed to gather information relating to users' browsing ha
ChoiceFinder is a rogue application classified as adware. Following successful infiltration, the app runs intrusive advertisement campaigns, delivering various unwanted and harmful ads. Additionally, software classed as adware often has data tracking capabilities. Since ChoiceFinder has dubious
ProcessFresh is categorized as a potentially unwanted application (PUA) and adware. Software of this type displays advertisements. PUAs also gather information (usually browsing data). In most cases, people download and install adware (and other PUAs) inadvertently. Users of software such
Discovered by Michael Gillespie, DeathHiddenTear is a malicious program that is classified as ransomware. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption. During the encryption process, all affected files are renamed. Original filenames
EncoderCSL ransomware was discovered by S!Ri. Typically, programs of this type encrypt files with strong encryption algorithms. Victims cannot access or use encrypted files unless they decrypt them with tools purchased from the cyber criminals who designed the ransomware. Research shows that Enco
.Adame (Amnesia) is malicious software classified as ransomware and is a new variant of Amnesia (other high-risk ransomware). It operates by encrypting data and demanding payment for decryption. It also disables Windows Task Manager. During the encryption process, all affected files are renamed ac
soonersupor[.]pro is similar to biglocateriod[.]pro, yaarileads[.]com, norobotcapcha2020[.]info and many other rogue websites. When visited, soonersupor[.]pro loads dubious content or opens other untrusted websites. Note that people generally arrive at these web pages inadvertently - they are ope
Discovered by malware researcher, S!Ri, Uk6ge is malicious software categorized as ransomware. It is designed to encrypt data of infected systems and demand payment for decryption. When this ransomware encrypts, all affected files have the ".uk6ge extension added to their filenames. For example,