kromtech[.]net is a rogue domain used to promote MacKeeper, a potentially unwanted application (PUA). This domain redirects visitors to various landing pages that promote the MacKeeper PUA. Research shows that users typically visit kromtech[.]net inadvertently - they are redirected by PUAs alrea
Budak is high-risk ransomware that belongs to the Djvu ransomware family. As with most ransomware infections, Budak stealthily infiltrates computers, encrypts most stored files, and appends each filename with the ".Budak" extension (hence the ransomware name). For example, "sample.jpg" becomes "s
Easy Photo Edit is a rogue application that supposedly allows users to access various photo editors. Its appearance suggests that Easy Photo Edit is legitimate and useful, however, it is categorized as a browser hijacker and a potentially unwanted application (PUA). There are three main reasons f
Ims00ry is yet another ransomware-type infection discovered by MalwareHunterTeam. After successful infiltration, Ims00ry encrypts most stored data, thereby rendering it unusable. Unlike other ransomware, however, Ims00ry does not append any extension, nor rename compromised files in any other way.
Spotlight (or Spotlight.app) is a rogue application designed to promote the searchbaron.com website. Unlike other browser-hijacking applications, Spotlight does not modify any system/browser settings - it simply redirects users to searchbaron.com whenever they enter a search query. Spotl
First discovered by malware researcher, Amigo-A, Adame is yet another variant of high-risk ransomware called Phobos. After successful infiltration, Adame encrypts most stored data, thereby rendering it completely unusable. Additionally, Adame appends each filename with the victim's unique ID, dev
Identical to vnrherdsxr[.]com and blatwalm[.]com, rgvqcsxqge[.]com is a URL address that cyber criminals employ to redirect users to other dubious websites and to promote content and unwanted applications. Research shows that many users visit rgvqcsxqge[.]com inadvertently - they are redirected
The apple.com-shield[.]live website is designed to promote an app called Cleanup My Mac. This app can supposedly remove viruses detected by the associated website (apple.com-shield[.]live), however, this deceptive site displays a fake virus alert to trick people into believing that their compute
Rogue applications that are categorized as browser hijackers and modify Safari browser settings have a generic name: "Safari Redirect Virus". When installed, browser-hijacking apps change settings of the affected browser and record various information (usually browsing-related). Typically, peopl
JSWRM is yet another high-risk ransomware infection discovered by GrujaRS. Following successful infiltration, JSWRM encrypts most stored data and appends filenames with the victim's unique ID, developer's email address, and ".JSWRM" extension. For example, "sample.jpg" might be renamed to a filen