Discovered by malware researcher, S!Ri, Quimera is a malicious program classified as ransomware. This malware operates by encrypting the data of infected systems and demanding payment for decryption tools/software. Unlike most ransomware, Quimera does not rename files during encryption. After the
mediazone[.]mobi is a rogue website and should be avoided, however, many people arrive at this site inadvertently. Examples of similar web pages are toobotnews[.]biz, glagolinius[.]com and mayfootekvideo[.]com. Browsers usually open websites such as mediazone[.]mobi when potentially unwanted appli
There are two variants of Ako ransomware, however, the only difference between them is the way victims supposedly contact cyber criminals and pay the ransom. Both variants create a text file (containing a ransom message) named "ako-readme.txt". In one version of the ransom message, victims are in
Discovery by GrujaRS, Clown is malicious software classified as ransomware. This malware is designed to encrypt the data of infected systems and then demand payment for decryption. When Clown encrypts, affected files are renamed completely using the "[SupportClown@elude.in][id=1E857D00]ORIGINAL_FI
m461c14n ransomware was discovered by MalwareHunterTeam. Like most malicious programs of this type, m461c14n is designed to encrypt victims' data and provide instructions about how to pay ransoms. It creates the "wp.jpg" file, placing it on the Desktop, and sets it as the wallpaper. This ransomwa
Yourchances[.]net is a scam website. It runs a scam, which claims that visitors' have been chosen to take place in a survey, which can earn them a prize in the shape if an Apple iPhone X. However, other scam models are also possible, for example ones pushing illegitimate software updates, fake ant
Wanna Scream was discovered by S!Ri. This ransomware encrypts files, changes their filenames, creates a ransom message and displays another in a pop-up window. Wanna Scream renames all encrypted files by adding an email address (filemgr@tutanota.com), the victim's ID and appending the ".Wanna Scre
"Coloquei malware no site adulto" ("I put malware on the adult site") is an email scam targeting Portuguese users. The scheme uses the sextortion scam model to extort money from recipients through blackmailing them with threats to expose their sexual activity. The message claims that the user's d
piolo.xyz is the address of a fake search engine that is promoted through potentially unwanted applications (PUAs): browser hijackers called CERX and Dorss APP. It is also very likely that there are other apps of this type that promote this fake search engine. CERX is related to QIP (another brow
Pashka is malicious program categorized as ransomware. It is designed to encrypt the data of infected devices and demand payment for decryption tools. It is distributed via a hacked YouTube account called 'Noted'. YouTuber Noted has released a video, stating that his account account has been hacke