Void (also known as VoidCrypt) is a malicious program classified as ransomware. Systems infected with this malware suffer data encryption and users receive ransom demands for file decryption. When this ransomware encrypts, all affected files are renamed according to this pattern: original filename
Discovered by Jirehlov, and like many other programs of this type, PonyFinal is designed to block access to files by encryption, change their filenames and generate ransom messages. It renames each encrypted file by appending the ".enc" extension to the filename. For example, it renames "1.jpg" t
SystemSpecial is a rogue app, classified as adware. It enables the placement of various intrusive ads on any visited website. Additionally, this application has capabilities typical of browser hijackers. SystemSpecial modifies browser settings and promotes Safe Finder via akamaihd.net. Due to t
There are many cases whereby cyber criminals attempt to take advantage of the Coronavirus (COVID-19) crisis by sending fraudulent emails. In this case, they spread an email with a file attached, which supposedly contains a list of employees who violated quarantine orders. Scammers encourage recip
Bug ransomware was discovered by Jirehlov. Software of this type usually encrypts files, appends an extension to the filenames and creates and/or displays ransom messages. Bug renames encrypted files by adding the bugbugo@protonmail.com email address and appending the ".bug" extension to filenames
"COVID 19 HELP DESK" is the subject of a scam email designed to proliferate the Agent Tesla Remote Access Trojan (RAT). This message attempts to exploit the Coronavirus/COVID-19 pandemic, claiming that the recipient has been chosen to receive a large sum of money from The World Health Organizatio
ProgressSite is designed to serve advertisements, promote the Safe Finder web page via akamaihd.net, and collect sensitive information. Commonly, users download and install adware such as ProgressSite inadvertently. Therefore, these apps are categorized as potentially unwanted applications (PUAs
A popular way to spread malware is by sending emails that contain malicious attachments and/or website links that download rogue files. In most cases, these emails are disguised as important, official messages from well-known companies. In this case, the scam is disguised as a message from DHL re
Eject belongs to the Phobos ransomware family. It encrypts files, changes their filenames, displays a pop-up window and creates a text file. Eject renames encrypted files by adding the victim's ID, cynthia-it@protonmail.com email address and appending the ".eject" extension to their filenames. Fo
Discovered by dnwls0719, DOP is a malicious program that is part of the Dharma ransomware family. This malware operates by encrypting data so that ransom demands can be made for decryption tools/software. When DOP ransomware encrypts, all affected file are renamed following this pattern: original