Watch Movies Live is a rogue application, promoted as a tool for quick access to movie streaming, news and other film-related websites. It is a browser hijacker, due to the changes it makes to browsers in order to promote a fake search engine - search.watchmovieslivetab.app. Additionally, it has
TV Fans Online Tab is endorsed as a tool for quick access to TV-related content. In fact, this is a rogue app, a browser hijacker designed to modify browsers to promote a fake search engine (search.htvfansonline.com). Additionally, it has data tracking capabilities and gathers browsing-related inf
The 2conv[.]com website provides an online service to convert YouTube videos to MP3 and other formats. It also promotes a desktop downloader and converter called Flvto Youtube Downloader. Note that it is illegal to download videos from YouTube. Furthermore, the 2conv[.]com web page contains dubio
ZLoader (also known as DELoader and Terdot) is a malicious program distributed through malicious web pages that display a fake error notification (e.g., "The 'Roboto Condensed' font was not found"). Research shows that ZLoader infects systems with another malicious program, a banking Trojan calle
Discovered by S!Ri, Afrodita is a part of the LockerGoga ransomware family. It encrypts data with the AES-256 and RSA-2048 encryption algorithms. Afrodita also creates a ransom message within the "__README_RECOVERY_.txt" text file, which contains instructions about how to contact cyber criminals
Avoid the y2meta[.]com website, since it employs dubious advertising networks and provides an illegal video downloading service. Note that it is illegal to download videos from YouTube. Furthermore, y2meta[.]com contains various ads that redirect visitors to other untrustworthy websites. These are
Discovered by S!Ri and further researched by Raby, checkmail7@protonmail.com (or simply CheckMail) is a malicious program categorized as ransomware. It operates by encrypting data and demanding ransom payments for decryption. During the encryption process, this malware appends files with an exten
bo3news[.]biz redirects visitors to a variety or untrustworthy, potentially malicious websites. Browsers are often forced to open sites such as bo3news[.]biz by potentially unwanted applications (PUAs) installed on browsers or operating systems. In any case, people do not open them intentionally.
Belonging to the Phobos malware family, Dever is a ransomware-type malicious program. Infected devices have their data encrypted and a ransom is demanded from the victims for decryption software/tools. When Dever encrypts files, it renames them according to the following pattern: unique ID, devel
"This is a VIRUS. You computer is blocked" is another technical support scam used by cyber criminals who claim to offer legitimate 'technical support'. They attempt to trick people into believing that their computers are infected/blocked and to make contact via the telephone number provided. Most