Devil is a part of Phobos, a family of ransomware-type programs. It renames encrypted files by appending the victim's ID, developer's email address and ".devil" extension to filenames. For example, a file such as "1.jpg" is renamed to a filename such as "1.jpg.id[1E857D00-2574].[decrypt4data@proto
Discovered by cyber security researcher Jack, c0hen Locker is a malicious program classified as ransomware. Malware within this classification is designed to encrypt the data of infected devices and then demand ransom payments from the victims (i.e., payment for decryption tools/software). When t
NEMTY 2.5 REVENGE was discovered by Raby. This ransomware renames encrypted files by appending the ".NEMTY_[string of random characters]" extension to their filenames. For example, it renames "1.jpg" to "1.jpg.NEMTY_OF7X2YU", and so on. It also creates a ransom message within a text file, the nam
Criminals behind this spam campaign, which is classified as a sextortion scam, send emails to many people and hope that some will be tricked. Typically, scammers who send emails of this attempt to blackmail recipients with threats to send compromising, humiliating images or videos to their contact
Discovered by S!Ri, Zeoticus is malicious software categorized as ransomware. It is designed to encrypt data and demand ransom payments for decryption. During the encryption process, all affected files are appended with the developer's email address and the ".zeoticus" extension. For example a fi
Prizedeal is a rogue, untrustworthy website. When opened, it forces people to visit other websites of this kind or displays dubious content. There are many similar websites on the internet including lurunews[.]biz, highertpushs[.]com, and tripflag[.]info to name just some examples. Generally, the
Similar to seekforsearch.com, searchitdown.com, premiumsearchweb.com, and a number of other rogue sites, search.follysway.com is a fake Internet search engine claiming to generate improved search results, thereby enhancing the Internet browsing experience. Be aware, however, that developers pr
Sharing similarities with glagolinius.com, mayfootekvideo.com, secretvideos2020.com and many others, toobotnews[.]biz is a rogue web page. It operates by generating redirects to untrustworthy/malicious sites and presenting visitors with dubious content. Few users enter this site intentionally - m
Free Daily Manuals is a browser hijacker, advertised as a tool for easy access to various manuals. After successful installation, this rogue application modifies browsers to promote its associated fake search engine (search.freedailymanualstab.com). Furthermore, most apps classified as browser hi
ReadInstructions is a malicious program belonging to the MedusaLocker ransomware family. It operates by encrypting data and demanding ransom payments for decryption. During the encryption process, files are appended with the ".ReadInstructions" extension. In some variants, this extension appears