newmode[.]biz is a rogue website designed to present visitors with dubious material and/or redirect them to other untrusted or malicious web pages. Users rarely access newmode[.]biz intentionally - most are redirected to it by intrusive ads or Potentially Unwanted Applications (PUAs) already infil
MyShortcutTab is classified as a browser hijacker, since it promotes a fake search engine (it assigns certain browser settings to search-find.net). Generally, apps of this type also collect details relating to users' browsing activities. Users often download and install browser hijackers inadverte
Discovered by Jakub Kroustek, Lxhlp is a malicious program belonging to the Dharma ransomware family. This malware operates by encrypting files and demanding payment for decryption. During the encryption process, all compromised files are renamed following this pattern: original filename, unique
The Mountains browser hijacker changes certain browser settings to mountainsext.store (the address of a fake search engine). Typically, apps of this type are designed to modify settings and collect various data. Browser hijackers are categorized as potentially unwanted applications (PUAs), since u
"Free up some memory urgently" is a scam run on deceptive websites. It promote the Kalox APP browser hijacker, however, the scheme might also promote different browser hijackers, adware and other Potentially Unwanted Applications (PUAs). This scam could potentially also promote malware (e.g. ranso
.support belongs to the MedusaLocker ransomware family and was discovered by Petrovic. It is designed to encrypt files, modify their filenames and create an HTML file named "Recovery_Instructions.html" (the ransom message). This ransomware places the ransom message in all folders that contain encr
My Smart Converter hijacks browsers by changing certain settings to mysmartconverter.com, the address of a fake search engine. It possible that this app will also record various browsing-related data. People do not often download or install browser hijackers intentionally and, for this reason, the
Cyber criminals behind this malspam campaign attempt to trick recipients into believing their office has been exposed to the coronavirus and reviewing (opening) the attached document. This email contains a malicious Microsoft Excel document causing installation on TrickBot, which is Trojan-type ma
Zida is malicious software belonging to the Djvu ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption tools. During the encryption process, all affected files are appended with the ".zida" extension. For example, a file o
Discovered by Jakub Kroustek, .HOW belongs to the Dharma ransomware family. This malware encrypts files, changes filenames, and generates ransom messages. It renames encrypted files by adding the victim's ID, how_decrypt@aol.com email address and appending the ".HOW" extension to filenames. For e