Discovered by dnwls0719, Tsar is a malicious program classified as ransomware. It operates by encrypting the data of infected systems and demanding payment for decryption. During the encryption process, all affected files are appended with the ".Tsar" extension. For example, a file such as "1.jpg
Pyrogenic/Qealler is Java-based information stealer, which cyber criminals proliferate to steal credentials from browsers and other applications. The information stolen by Pyrogenic/Qealler could be misused to generate revenue in various ways. If there is reason to believe that this malware is ins
apl-def[.]com is a deceptive website running several different scam variants. By claiming that the visitors' devices are infected, or that their internet connection is not secure, it attempts to trick them into downloading/installing nonoperational, untrusted or malicious software. Few users ac
Like most ransomware-type programs, sepSys encrypts files, modifies their filenames and creates a ransom message. This particular ransomware renames files by appending the ".sepsys" extension to filenames. For example, "sample.jpg" becomes "sample.jpg.sepsys", and so on. It also creates a ransom
"Roundcube" email (subject: "- NOTIFICATION - Storage Full") is deceptive message supposedly from Roundcube, a legitimate email service provider. The message claims that recipients have reached their mail storage limit and, unless immediate actions are taken, their accounts will be blocked. This
vprx.xyz is the address of a fake search engine. Typically, fake search engines are promoted through various potentially unwanted applications (PUAs), mostly browser hijackers. Research shows that vprx.xyz is promoted through a browser hijacker called SApp+, however, it might also be promoted thro
Voodoosrc is a group of deceptive websites, which are designed to run various online scams. Voodoosrc has been observed promoting the "Dear Safari User, You Are Today's Lucky Visitor" scheme, however, other scams can also be accessed through these sites. Few visitors access these web pages inte
Promoted as supposedly improving the browsing experience, CrowdExclusive is actually an adware-type application. This app runs intrusive advertisement campaigns, which deliver various annoying and harmful ads. Due to its dubious proliferation methods, it is also classed as a Potentially Unwanted
Mozart is malicious software that allows attackers (cyber criminals) to execute various commands on an infected computer through the DNS protocol. This communication method helps cyber criminals to avoid detection via security software. Mozart is categorized as a malware loader and executes comman
Get Forms Plus is a rogue application endorsed as a tool for easy access to various forms. It is classified as a browser hijacker, due to the modifications it makes to browsers to promote fake search engines (hp.hgetformsplus.com or search.hgetformsplus.com). Additionally, it records browsing act