Discovered by Jakub Kroustek, R3f5s is a malicious program belonging to the Dharma ransomware family. This malware encrypts data in order to demand payment for decryption. During the encryption process, all affected files are renamed according to this pattern: original filename, unique ID, cyber c
Yogynicof is designed to encrypt files, change their filenames, and create a number of ransom messages. It renames all encrypted files by changing their names to a certain number (from zero to the total number of files). For example, if there are three files in a folder, it renames one file to "1"
UpgradeCoordinator is software classified as adware and also possessing browser hijacker traits. This application operates by running intrusive advertisement campaigns, modifying browser settings, and promoting fake search engines. UpgradeCoordinator promotes Safe Finder via search.adjustablesam
Convert PDF Hub is designed to promote hp.hconvertpdfhub.com and search.hconvertpdfhub.com (addresses of fake search engines) by changing certain browser settings. It is also likely that this app will gather information relating to users' browsing activities. Browser hijackers are categorized as
s3redirect.com is the address of a fake search engine. Typically, these addresses appear in browser settings after installation of a browser hijacker. Research shows that one of the browser hijackers that promotes s3redirect.com is called Kano APP, however, it is possible that this address is prom
SearchArchive is a rogue application classified as adware, which also has browser hijacker traits. After successful installation, SearchArchive delivers intrusive ad campaigns, modifies browser settings and promotes bogus search engines. Most adware programs and browser hijackers collect browsi
Jam Box Search reassigns certain browser settings to feed.jamboxlive.com (the address of a fake search engine). Commonly, browser hijackers are designed to promote fake search engines and collect data relating to users' browsing habits. People often download and install these apps inadvertently an
Discovered by Jakub Kroustek, Bad ransomware is a part of the Dharma ransomware family. Like most programs of this type, Bad encrypts files, modifies their filenames, and provides victims with instructions about how to contact the developers. It renames all encrypted files by adding the victim's
driveandparkgame[.]com is a deceptive website running various scams. At the time of research, it promoted a scheme claiming that visitors' devices have been seriously damaged by multiple viruses. Typically, these sites promote untrusted or malicious software, however, they can abuse users' trust
Login Assistant is a browser hijacker which assigns certain browser settings to hp.hloginassistant.co. This app is also likely to gather information, especially browsing-related data. Users often download and install browser hijackers unintentionally and, for this reason, they are categorized as p