Exorcist 2.0 is a new variant of Exorcist ransomware. This variant was discovered by JAMESWT. It blocks access to files by encryption, changes their filenames and creates an HTA file (an executable which opens a ransom message) in all folders that contain encrypted files. Exorcist 2.0 renames file
Similar to potentingond.club, gdimmunical.club, kangstools.com, arttowardstic.club and thousands of others, pragatimeg[.]com is a rogue website. Visitors to this page are presented with dubious content and/or are redirected to other untrusted or possibly malicious sites. Most users access pragati
potentingond[.]club is one of many websites that, once visited, open various untrusted pages or load dubious content. Some examples of other web pages similar to potentingond[.]club are gdimmunical[.]club, cda-google[.]com and kangstools[.]com. Browsers commonly open these sites when potentially
Txt is malicious software belonging to the Xorist ransomware family. Malware of this type is designed to encrypt data and demand payment for decryption tools. When Txt (Xorist) encrypts, it renames all affected files by appending them with the "..txt" extension (not to be confused with the ".txt"
Typically, browser hijackers promote the addresses of fake search engines by changing certain browser settings. ConvertItSearch promotes convertitsearch.com in this way. Furthermore, these apps collect browsing-related and other information. Most users download and install browser hijackers inadv
AnyStationSearch is a browser hijacker. Following successful infiltration, it makes modifications to browser settings to promote anystationsearch.com (a bogus search engine). Furthermore, most browser hijackers monitor users' browsing activity, and it is likely that AnyStationSearch does so as wel
Kibo Web promotes tailsearch.com (the address of a fake search engine). Generally, apps of this type promote fake search engines by changing certain browser settings. Furthermore, Kibo Web collects information relating to users' browsing activities. Note that browser hijackers are categorized as
gdimmunical[.]club is a rogue site sharing many similarities with caravane-plantes.com, somenewsabout.com, mypushz.com, beforeigntools.club and countless others. This web page presents visitors with dubious material and/or redirects them to other untrusted or possibly malicious websites. These pa
In most cases, websites such as cda-google[.]com are promoted via deceptive advertisements, various untrusted web pages or potentially unwanted applications (PUAs). I.e., users do not visit them intentionally. When opened, they load dubious content or open other bogus websites. Some examples of o
Discovered by S!Ri, Dusk ransomware is designed to render files inaccessible by encryption, changing their filenames by appending its extension, and creating text files named "!#!READ-ME!#.txt" in all folders that contain compromised files. Dusk renames files by appending the ".Dusk" extension to