Discovered by GrujaRS, Marozka is a ransomware-type program that is based on an open-source ransomware project called Hidden Tear. It encrypts data using AES cryptography and creates a ransom message within a text file called "HOW TO DECRYPT FILES.txt", which can be found in each folder that conta
The dongtaiwang.com website is created for Chinese-speaking users and promotes a VPN (Virtual Private Network) called Freegate. This app accesses websites that are otherwise blocked in the user's country. Note, however, that it is categorized as a browser hijacker, a potentially unwanted applicat
redrentalservice.com (a successor of setforconfigplease.com) is one of many websites that cause redirects to other untrustworthy sites. Some examples of other websites that operate in this way are setforconfigplease.com, somelandingpage.com, and setforspecialdomain.com. People are usually redirec
"Flash Player Auto Update Daemon" is a fake system notification (pop-up window) encouraging Mac users to update their Flash Players. Typically, such notifications appear due to installed adware-type apps that are categorized as potentially unwanted applications (PUAs). These usually feed users w
Originating from Paradise malware family, securityP is a high-risk ransomware discovered by Michael Gillespie. This malware is designed to encrypt stored data and append filenames with the ".securityP" extension plus the victim's unique ID and developer's email address (e.g., "sample.jpg" might b
Baldr stealer (also known as Trojan:MSIL/Darbl.A) is a malicious program that steals data. Cyber criminals can purchase this tool from hacking forums to generate revenue by misusing recorded (stolen) information. Generally, they present this program as a tool that can be used for a number of purpo
Stun is yet another variant of Dharma ransomware and was first discovered by Jakub Kroustek. As with its predecessor, Stun also encrypts most stored files and appends filenames with the ".stun" extension plus the victim's unique ID and developer's email address. For example, "sample.jpg" might be
Most ransomware-type programs are designed to encrypt files, prevent victims from accessing them, and keep them in that state until a ransom is paid. Unnam3d differs, since it places files into RAR archives that cannot be extracted without entering a password. It also changes the wallpaper and dis
Discovered by Michael Gillespie, Tronas is a part of the Djvu ransomware family. Developers (cyber criminals) distribute the program to extort money from people. Tronas encrypts files stored on computers and prevents victims from accessing them until a ransom is paid. This malicious program creat
lythenheckwo.info is yet another rogue website that shares similarities with time2notification.com, push-checking.com, luckypushh.com, and dozens of others. It redirect users to malicious websites and delivers dubious content. Users typically visit lythenheckwo.info inadvertently - they are redir