This malware belongs to the Scarab ransomware family and was discovered by xiaopao. Protomolecule ransomware encrypts files and renames each by replacing the filename with a string of random characters, and replacing the extension with ".protonmolecule@gmx.us". For example, it would rename a file
SearchProConverter is a browser hijacker designed to modify browsers to promote searchproconverter.com (a fake search engine). Additionally, this browser hijacker also has data tracking capabilities, which are employed to monitor users' browsing activity. Due to the dubious methods used to prolif
When visited, searches.club redirects to various other dubious websites, depending on users' geolocations. Research shows that searches.club appears in browser settings when the Boi Tab app is installed, however, other apps might also promote it. Applications that promote rogue addresses (mostly
AW46 is a malicious program belonging to the Matrix ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption keys/tools. During the encryption process, all affected files are renamed following this pattern: "[alexwind46@yahoo.
Ment is a malicious program belonging to the TomNom ransomware family. It prevents victims from accessing their files by encryption. It also changes the filenames of encrypted files by appending the ".ment" extension. For example, a file named "1.jpg" would be changed to "1.jpg.ment", "2.jpg" to "
Typically, cyber criminals behind malspam campaigns such as this attempt to deceive recipients into executing (opening) a malicious file, which is attached to the email (or downloaded from a website). This particular email is disguised as a message from the Turkish post company (Ptt) and used to d
Templates Discovery Tab is a dubious application endorsed as a tool for easy access to free online templates. Following successful infiltration, however, the app makes alterations to browser settings to promote htemplatesdiscovery.com (a fake search engine). This app also collects information rel
Tiger865qq is a malicious program belonging to the GlobeImposter ransomware family. It operates by encrypting files and demanding payment for decryption. During the encryption process, all affected files are appended with the ".Tiger865qq" extension. For example, a file originally named something
Devoe is a malicious program belonging to the Phobos ransomware family. This malware operates by encrypting data and demanding payment for decryption. During the encryption process, all compromised files are renamed following this pattern: original filename, unique ID assigned to the victims, cybe
My Office Tools is dubious software categorized as a browser hijacker. It operates by making modifications to browser settings to promote hmyofficetools.co (a fake search engine). Additionally, My Office Tools has data tracking capabilities, which are employed to monitor users' browsing habits. D