cr447.xyz is the address of a fake search engine, which is promoted through various potentially unwanted applications (PUAs) that are also categorized as browser hijackers. One of these apps (called APP) targets Google Chrome users. Research shows that cr447.xyz is related to QIP, another fake sea
"Call Microsoft Helpline" is a scam run by deceptive websites. It operates by tricking users into believing that their device is infected and that they need to contact the (fake) technical support provided to resolve the issues. Note that no website can detect threats present on users' systems and
"UPS Email Virus" is a spam email campaign used to proliferate a high-risk virus called Hancitor. Cyber criminals send thousands of emails encouraging users to open attached documents. In this case, the email is presented as a notification from the UPS company, however, opening the attached file l
Discovered by MalwareHunterTeam, F*CKaNDrUN is malicious software classified as ransomware and based on an open-source project called Hidden Tear. Victims who have computers infected with F*CKaNDrUN cannot access or use encrypted files unless they decode them with a key that can only be purchased
"International promotion of postal services" is a scam proliferated by deceptive/scam sites. It operates by congratulating visitors that they have been chosen by Company Control Service and "the international share of postal services" as one of several hundred annual "Happy e-mail" winners. Users
Rote belongs to the Djvu ransomware family. It encrypts victim's data, changes the filename of each encrypted file, and creates a text file that contains instructions about how to contact cyber criminals and other details. It renames encrypted files by appending the ".rote" extension to filenames
Discovered by Amigo-A, Zobm ransomware is a part of the Djvu family of ransomware-type malware. Like most programs of this type, it encrypts (locks) data, creates a ransom message, and adds its extension to each encrypted file. Zobm creates the "_readme.txt" file and appends the ".zobm" extension.
Gov Tax Info is a browser hijacker, which is advertised as a tool for easy access to various governmental forms. It can supposedly provide medical, travel, and revenue forms, and also news, weather forecasts, and email service web sites. In fact, it changes browser settings to promote a fake searc
Deuce is a ransomware-type program, designed to encrypt data and demand ransom payments for decryption. The program belongs to the Phobos ransomware family. During the encryption process, all files are renamed with the victim's ID number, developer's email address, and ".deuce" (".id[victim's_ID].
private-show[.]live is the address of a website that can load dubious content or open other rogue web pages. Many other websites operate in this way. For example, sonagerthrou[.]com, bestgamesvault[.]com, and bestflowingstuff[.]co. Generally, people do not visit these sites intentionally - they a