Discovered by S!Ri, Sodinokibi (also known as REvil or Sodin) is a ransomware-type program created by cyber criminals. They use it to encrypt files stored on victims' computers and prevent people from accessing them files until they have paid a ransom. Malware researchers call it Sodinokibi, howev
Nero TuneItUp is presented as a system optimization tool that solves problems relating to computer performance. It is supposedly able to make Windows boot faster, improve browser performance, optimize Windows Operating Systems, and update programs and drivers. To promote it, however, developers u
Cyber criminals present their PayPal Hacking Software as a hacking tool that supposedly misuses the PayPal system and allows users of this software to add funds to their accounts. In fact, this is a fake hacking tool that steal users' PayPal login data. According to PayPal Hacking Software d
BellevueCollegeEncryptor is a new variant of CryptoWire, a ransomware-type program that was discovered by MalwareHunterTeam. It is designed to encrypt data stored on computers and blackmail victims by forcing them to pay a ransom (purchase a tool required for decryption). BellevueCollegeEncryptor
G-Cleaner (also known as GCleaner) is promoted as an app that supposedly speeds up and optimizes Windows computers. It is promoted as a legitimate application (and its appearance may suggest this) and has a website from which it can be downloaded. In fact, its installation setup also contains a ma
Discovered by GrujaRS, Hceem is a ransomware-type infection that belongs to the Snatch ransomware family. As with many infections of this type, Hceem encrypts stored files and appends filenames with the ".hceem" extension (for example, "sample.jpg" is renamed to "sample.jpg.hceem"). Additionally,
oraronerethet[.]info is virtually identical to newchannel[.]club, hatnofort[.]com, terjuscalbuttont[.]info, and many other sites. It opens other untrustworthy websites or displays dubious content. Typically, people do not visit this site intentionally - they are generally redirected to it by pote
nythatspartaund[.]info is one of many rogue websites that, once visited, displays dubious content or causes redirects to other untrustworthy websites. It is very similar to other pages of this type such as newchannel[.]club, hatnofort[.]com, and terjuscalbuttont[.]info. These websites are general
"Facebook Messenger virus" was discovered by Ido Naor. Cyber criminals use it to spread FormBook, a trojan-type program, by sending various files through Facebook Messenger. If opened, these files cause installation of the aforementioned malicious program. Typically, people receive these f
Kiratos is a high-risk ransomware-type infection that belongs to the Djvu malware family. As with other variants from this malware family, Kiratos stealthily infiltrates computers and encrypts most stored files. In doing so, Kiratos appends filenames with the ".kiratos" extension (for instance, "