SamoRAT is a Remote Access Trojan (RAT), a type of malware that allows the cyber criminals responsible to monitor and control the infected computer. In most cases, RATs are used to steal sensitive information and/or install other malware onto the infected computer. In any case, RATs are used for m
Quick Mac Booster is rogue software, endorsed as a tool capable of improving system performance and speed. Amongst its advertised functionality are detection and elimination of various unwanted files (e.g. unused, duplicate, large, temporary, junk, etc.), application management and system start
This malspam campaign is disguised as a message from Billtrust with an invoice attached. In fact, cyber criminals send this email to trick recipients into infecting their computers with malicious software. Typically, malware is installed when recipients execute a malicious file. Therefore, you ar
"Ad by Pop" is a message displayed on advertisements delivered by various rogue browser extensions. Ads containing this message have been observed being delivered by Beautiful Comfortable, Wrong Literature, Drab Victorious, and countless other dubious extensions. These browser extensions also add
FlyBox was discovered by 0x0. It renames encrypted files by appending the ".FlyBox" extension. For example, a file named "1.jpg" would change to "1.jpg.FlyBox", "2.jpg" to "2.jpg.FlyBox", etc. Instructions about how to contact the cyber criminals behind FlyBox and pay the ransom are provided in a
"Server Notification" is a spam email campaign. The term "spam campaign" is used to define a large scale operation, during which scam emails are sent by the thousand. There are several, practically identical variants of "Server Notification" emails. These messages claim that additional safety mea
PlusAbout is a rogue application classified as adware. It operates by running intrusive ad campaigns (i.e. it delivers various unwanted and even harmful advertisements). This app also has browser hijacker traits, such as browser settings modification and promotion of bogus search engines. PlusA
Discovered by GrujaRS, Wholocked is malicious software categorized as ransomware. Systems infected with this malware experience data encryption and users receive ransom demands for decryption tools. During the encryption process, all compromised files are appended with the ".wholocked" extension.
FrequencySignal is an adware-type application with browser hijacker traits. It operates by running intrusive advertisement campaigns, makes alterations to browser settings and promotes fake search engines. FrequencySignal promotes Safe Finder via akamaihd.net. Additionally, most adware and brow
Discovered by dnwls0719, IT is a ransomware-type malicious program, named for its use of imagery of the character, Pennywise, The Dancing Clown from the IT film series (2017-2019) based on Stephen King's novel of the same name. This malware is a new variant of Cobra Locker ransomware. The malicio