Discovered by Jakub Kroustek, IMI belongs to a family of ransomware-type programs called Dharma. Like many other programs of this type, IMI is designed to encrypt data and keep it inaccessible unless victims pay a ransom. It renames all encrypted files by appending the victim's ID number, email ad
androidrecaptcha[.]info is similar to other websites, such as clicktube7[.]com, tatilyerlerim[.]com, orbetterpositiesa[.]info, and many more. Generally, people who visit them are redirected to other dubious websites, or they load deceptive content. Most people do not visit these sites intentional
Landslide Search is a rogue application advertised as a tool supposedly capable of providing improved search results. In fact, it operates as a browser hijacker and modifies browsers to promote a fake search engine (search.landslidesearch.com). Additionally, this app monitors users' browsing activ
clicktube7[.]com is a rogue website that is very similar to many other websites of this type, such as orbetterpositiesa[.]info, nlighttomayorw[.]info, new-incoming[.]email, and so on. When opened, it displays dubious content or causes redirects to other dubious websites. In any case, few people v
tatilyerlerim[.]com is a rogue website sharing many common traits with orbetterpositiesa.info, yourlifedate.com, new-incoming.email and countless others. It operates by presenting visitors with highly dubious content and causing redirects to other untrustworthy and malicious web pages. Few users
Like countless others available online, vpnshieldplus2[.]com is a deceptive/scam website. It endorses untrusted software through the use of scare tactics. Usually, these web pages operate by warning that devices are infected and offering products, allegedly capable of eliminating the threat. No
Discovered by Raby, Rooster865qqZ belongs to the Maoloa ransomware family. It encrypts files and appends the ".Rooster865qqZ" extension to filenames. For example, "1.jpg" becomes "1.jpg.Rooster865qqZ", and so on. Furthermore, Rooster865qqZ displays a pop-up window, a ransom message launched from
Merl is malicious software belonging to the STOP/Djvu ransomware family. This malware operates by encrypting data and demanding ransom payments for decryption. During the encryption process, all files are renamed with the ".merl" extension. For example, "1.jpg" would appear as "1.jpg.merl", and s
orbetterpositiesa[.]info is a rogue website that causes redirects to other untrustworthy sites or displays dubious content. It is very similar to many other pages of this kind such as nlighttomayorw[.]info, new-incoming[.]email, and tirsmile[.]pro. Few people visit orbetterpositiesa[.]info (or ot
Similar to nlighttomayorw.info, new-incoming.email, ritteddelibacyca.info and many others, yourlifedate[.]com is a rogue website. It presents users with dubious content and/or redirects them to other untrustworthy and malicious websites. Few visitors enter yourlifedate[.]com willingly - most are