The ymp4[.]download website allows users to download videos from YouTube, converted to .mp4 or .mp3 format. There are two problems with this site: it offers an illegal service (it is illegal to download videos from YouTube) and uses rogue advertising networks. Web pages such as ymp4[.]download of
NEPHILIM ransomware was discovered by dnwls0719. Typically, this type of software encrypts data (rendering files inaccessible), renames each encrypted file and creates/displays a ransom message with instructions about how to contact cyber criminals, pay the ransom, and other details. NEPHILIM ren
NEMTY REVENUE 3.1 is malicious software and a new variant of the Nemty 2.6 ransomware. Systems infected with this malware experience data encryption and receive ransom demands for decryption tools/software. During the encryption process, all affected files are renamed according to this pattern: o
Adware such as MultiUpgrade is rogue software that serves advertisements. Apps of this type often collect various user-system information. People do not generally download or install apps such as MultiUpgrade intentionally. Therefore, they are classified as potentially unwanted applications (PU
Likud is a malicious program classified as ransomware. This malware is related to the Israel election and is designed to target Israeli users. Likud ransomware encrypts the data of infected systems so that ransom demands can be made for decryption. During the encryption process, all affected files
ArchiveIdea is a potentially unwanted application (PUA) classified as adware. This app generates revenue for its developers by feeding users with various advertisements. Research shows that ArchiveIdea is capable of accessing and recording sensitive information and also promotes the Safe Finder
ActivelySearch generates revenue for its developers by serving online advertisements. Apps of this type are classified as adware. Research shows that ActivelySearch also functions as a browser hijacker - it promotes the address of a fake search engine by changing browser settings. Since most us
"COVID-19 Relief" is the subject of a scam email used to infect recipients' systems with ZLoader malware, which injects the Zeus banking Trojan. As as the title/subject implies, "COVID-19 Relief" emails are part of a Coronavirus/COVID-19-themed spam campaign, which is just one of many that exploit
"Zoom virus" is a generic term used to define unwanted or malicious software proliferated under the guise of content relating to the Zoom application/services. Zoom Video Communications is a legitimate conferencing service, providing a cloud-based communication platform that enables people to hav
Youlittmeet is a family of deceptive web pages. In most cases, such families include web pages designed to advertise potentially unwanted applications (PUAs) like browser hijackers, adware-type applications. Some might be malicious and used to spread rogue programs such as Trojans and ransomware