vpnprotectplus[.]com is a deceptive website that attempts to trick visitors into installing a potentially unwanted application (PUA). It notifies people that it has detected viruses on their device and encourages them to remove the threats with some dubious software. We strongly advise against
reliableultimatesafevideoplayers[.]info is a deceptive website, which claims that Adobe Flash Player is outdated. It has several purposes: promotion of a fake Flash Player updater and other similar scam web pages. Rogue updaters are commonly used to proliferate untrustworthy (e.g. potentially u
biggerupdateforvideos[.]best is a deceptive website used to trick visitors into installing unwanted software through a fake Adobe Flash Player installer. Research shows that biggerupdateforvideos[.]best downloads a file that installs two potentially unwanted applications (PUAs): Advanced Mac Tun
Discovered by malware researcher S!Ri, .harma (Ouroboros) is a ransomware-type malicious program belonging to the Ouroboros malware family. Systems infected with this software have data encrypted and victims receive ransom demands for decryption tools/software. During the encryption process, all
The My Package Homepage app supposedly provides a package tracking service, however, this rogue software is categorized as a browser hijacker, a potentially unwanted application (PUA) that promotes a fake search engine (search.hmypackagehomepage.com) and gathers browsing data. Like most browser h
Practically identical to doctopdfsupreme.com, search.pricklybears.com, and many others, search.doc2pdfsearch.com is a fake search engine and promoted by the DOC2PDF Convert browser hijacker. These rogue applications modify browsers and restrict/deny access to settings. Additionally, most browse
doctopdfsupreme.com is a fake search engine which is promoted through a potentially unwanted application (PUA), a browser hijacker called docpdfsupreme (or docpdfsupreme - Search the web and convert PDF). Typically, browser hijackers promote fake search engines by changing certain browser setti
Scammers behind this email claim that they have hacked the computer and taken control of the recipient's personal and financial data. They threaten to delete the data unless the recipient pays a specific ransom amount. Extortion, however, is not their primary goal. They also attempt to trick peop
TRSomware is a new variant of MMDecrypt ransomware. It operates by encrypting the data of infected systems so that criminals can demand payment for decryption tools/software. During encryption, filenames are appended with the ".TRSomware[is_back__New-Algorithm__By_MaMo434376]" extension. For exam
Devos is a part of the Phobos ransomware family. Like most programs of this type, Devos blocks access to files by encryption, changes filenames and provides victims with instructions about how to recover their files. This ransomware renames all encrypted files by adding the victim's ID, developer'