First discovered by malware researcher, Michael Gillespie, Heran is one of many ransomware-type infections from the Djvu family. The purpose of Heran is to encrypt most stored files and keep them in that state unless a ransom is paid. During encryption, Heran appends each filename with the ".hera
First discovered by Michael Gillespie and belonging to the Djvu ransomware family, Lapoi is yet another ransomware-type infection that stealthily infiltrates computers and encrypts stored data. In doing so, Lapoi appends each filename with the ".lapoi" extension (e.g., "sample.jpg" becomes "sampl
Searchroute (an abbreviation for searchroute-1560352588.us-west-2.elb.amazonaws[.]com) is a website used by cyber criminals to promote the bing.com search engine in malicious ways. If you continually encounter redirects to Searchroute, your system is probably infected with adware-type applicatio
Lurk is yet another ransomware-type infection discovered by malware researcher, Petrovic. After successful infiltration, Lurk encrypts most stored files and renames them using the following pattern: "[random_string].original_extension.lurk". For example, "1.jpg" file might be renamed to a filename
Similar to "Chrome Update Center" and many others, "The PT Sans Font Wasn't Found" is a fake error message displayed by various malicious websites. Users typically visit these websites inadvertently - they are redirected by potentially unwanted applications (PUAs) already present on the system or
Identical to Spaces.app and Spotlight.app, ScreenCapture (also known as ScreenCapture.app) is an adware-type application designed to promote the searchbaron.com fake search engine, which is designed to redirect users to bing.com by using the Amazon AWS service. This application typically infilt
First discovered by Michael Gillespie and belonging to the Djvu ransomware family, Darus is a high-risk ransomware infection that stealthily infiltrates computers to encrypt data. In doing so, Darus renames each compromised file by appending the ".darus" extension. For example, "sample.jpg" is re
Discovered by Michael Gillespie and belonging to the Djvu ransomware family, Tocue is a high-risk infection that stealthily infiltrates computers and encrypts most stored data, thereby rendering it unusable. Tocue also renames each compromised file by adding the ".tocue" extension (e.g., "sample.
First discovered by Michael Gillespie, Vusad is yet another ransomware from the Djvu family. The purpose of this ransomware is to encrypt data and keep it in that state unless a ransom is paid. During encryption, Vusad appends each filename with the ".vusad" extension (e.g., "sample.jpg" is rename
Gusau is high-risk ransomware that belongs to a family of viruses called Djvu. Following successful infiltration, Gusau encrypts most stored data rendering it unusable. Additionally, Gusau appends names of all encrypted files with the ".gusau" extension (hence the ransomware name). For example, "