NUKESPED is a backdoor Trojan, which targets Mac users in Korea. The group of cyber criminals who designed and spread this malware is called Lazarus. They distributed this malicious software through an Excel document using a Mac App bundle, which contains legitimate and malicious versions of A
Discovered by dnwls0719, Bitcore belongs to the Paradise ransomware family. This malware is designed to encrypt data and demand payment for decryption tools/software. When Bitcore encrypts, all files are renamed with a random string of characters, the developer's email address, and the ".bitcore"
Discovered by cyber security researcher, Jack, TurkStatik is rogue software classified as ransomware. This malicious program is designed to encrypt data and demand ransom payments for decryption. During the encryption process, all affected files are appended with the ".ciphered" extension. For ex
cr447.xyz is the address of a fake search engine, which is promoted through various potentially unwanted applications (PUAs) that are also categorized as browser hijackers. One of these apps (called APP) targets Google Chrome users. Research shows that cr447.xyz is related to QIP, another fake sea
"Call Microsoft Helpline" is a scam run by deceptive websites. It operates by tricking users into believing that their device is infected and that they need to contact the (fake) technical support provided to resolve the issues. Note that no website can detect threats present on users' systems and
"UPS Email Virus" is a spam email campaign used to proliferate a high-risk virus called Hancitor. Cyber criminals send thousands of emails encouraging users to open attached documents. In this case, the email is presented as a notification from the UPS company, however, opening the attached file l
Discovered by MalwareHunterTeam, F*CKaNDrUN is malicious software classified as ransomware and based on an open-source project called Hidden Tear. Victims who have computers infected with F*CKaNDrUN cannot access or use encrypted files unless they decode them with a key that can only be purchased
"International promotion of postal services" is a scam proliferated by deceptive/scam sites. It operates by congratulating visitors that they have been chosen by Company Control Service and "the international share of postal services" as one of several hundred annual "Happy e-mail" winners. Users
Rote belongs to the Djvu ransomware family. It encrypts victim's data, changes the filename of each encrypted file, and creates a text file that contains instructions about how to contact cyber criminals and other details. It renames encrypted files by appending the ".rote" extension to filenames
Discovered by Amigo-A, Zobm ransomware is a part of the Djvu family of ransomware-type malware. Like most programs of this type, it encrypts (locks) data, creates a ransom message, and adds its extension to each encrypted file. Zobm creates the "_readme.txt" file and appends the ".zobm" extension.