Discovered by Jakub Kroustek, PLEX is malicious software belonging to the Crysis/Dharma ransomware family. Systems infected with this malware have their data encrypted and demand ransom payments for decryption. During the encryption process, all compromised files are renamed according to the foll
There are many websites that are designed to deceive visitors into using a fake Adobe Flash Player installer, which supposedly updates the currently installed version. These fake installers are designed to install browser hijackers, adware and other potentially unwanted applications (PUAs). In so
Barak is a malicious program belonging to the Phobos ransomware family. It operates by encrypting data and demanding payment for decryption tools/software. During the encryption process, files are renamed with the following pattern: original filename, unique ID, cyber criminals' email address and
"Secret Love" is a spam email campaign that cyber criminals employ to trick recipients into extracting an attached ZIP archive file and executing the resultant JavaScript (.js) file. If executed, this file installs NEMTY 2.5 REVENGE ransomware. We strongly advise that you ignore this email and, mo
Prizesfinder is a group of deceptive websites, which promote various scams. They have been recorded promoting "Latest version of Adobe Flash Player" and "Dear Chrome User, Congratulations!" schemes. Trusting these scams can lead to serious issues. Few users enter Prizesfinder and other, similar
CryptoDarkRubix is the name of ransomware that was discovered by dnwls0719. Most programs of this type are designed to encrypt files, create and display ransom messages, and rename encrypted files. Rather than encrypting files, however, CryptoDarkRubix rewrites their contents (and renders them unu
Discovered by Jayesh B. Kulkarni, This_is_no_jock is a malicious program belonging to the Xorist ransomware family. Systems infected with this malware suffer data encryption and users receive ransom demands for decryption. When this ransomware encrypts, all affected files are appended with the ".
Hotrivsaln is a group of deceptive websites running various scams. Sites belonging to Hotrivsaln have been observed promoting "Latest version of Adobe Flash Player" and "Dear Chrome User, Congratulations!" schemes, yet other scams might also be accessed through or run on these web pages. Most p
"Install.app wants access to control" is text from a fake system notification. This appears on MacOS operating systems that have potentially unwanted applications (PUAs) installed. Note that Install.app is a PUA and should not be allowed to control Safari (Safari.app) or other apps, perform acti
Discovered by dnwls0719, Tsar is a malicious program classified as ransomware. It operates by encrypting the data of infected systems and demanding payment for decryption. During the encryption process, all affected files are appended with the ".Tsar" extension. For example, a file such as "1.jpg