Discovered by S!Ri, Random Ransom encrypts files, modifies their filenames and displays a pop-up window containing a message. Random Ransom changes encrypted files by appending the ".RANDOM" extension to filenames. For example, it renames "1.jpg" to "1.jpg.RANDOM", "2.jpg" to "2.jpg.RANDOM", and s
ActiveMulti is a rogue application with browser hijacker characteristics and classified as adware. It operates by delivering intrusive advertisements, altering browser settings and promoting fake search engines. This app promotes Safe Finder via the akamaihd.net website. Additionally, most adwa
Netuniverse is a group of deceptive websites running various schemes. Sites belonging to this family have been observed promoting the "Dear Safari User, You Are Today's Lucky Visitor" scam, however, they might also promote other dubious schemes. Few users access Netuniverse web pages intentiona
mysupertab.com is the address of a fake search engine. Typically, fake search engines are promoted through potentially unwanted applications (PUAs) classified as browser hijackers. Note that mysupertab.com is promoted through a PUA named MySuperTab. Apps of this type promote addresses of fake sea
Revon is a malicious program, belonging to the Phobos ransomware family. It encrypts data and demands payment for decryption tools/software. During encryption, the files are renamed according to this pattern: original filename, unique ID, cyber criminals' email address and the ".revon" extension.
The number of cases whereby scammers use spam campaigns to profit from the COVID-19 (coronavirus) outbreak is growing daily. In most cases, they send emails designed to appear as if they are from the CDC (Centers for Disease Control and Prevention), WHO (World Health Organization) offering medical
Sorano Stealer is malicious software designed to exfiltrate (i.e., steal) various information from an infected system. This malware's primary functions include exfiltration of information stored in browsers and sessions from applications. The stolen data can be misused in various ways. For exampl
Scammers attempt to deceive people into providing sensitive, personal information in various ways. In this particular case, they use a phishing campaign. I.e., they send emails disguised as messages from Microsoft regarding unusual sign-in activity. Scammers spread this scam in order to trick uns
DisplayAdvice serves advertisements, collects sensitive information and promotes Safe Finder by opening it via akamaihd.net. Therefore, this application functions as adware and an information tracking tool. Apps of this type are categorized as potentially unwanted applications (PUAs), since peop
As its name suggests, Best Coupons Now Promos serves advertisements and is classified as adware. Commonly, adware-type applications collect various user-system information. Most users download and install programs such as Best Coupons Now Promos inadvertently and, therefore, they are classified as