XMRig is a legitimate open-source application that allows utilization of system CPU resources to mine cryptocurrency. Cyber criminals often misuse these tools to generate revenue in malicious ways. Here, we look at malware that combines a backdoor-tool called EmPyre with XMRig and allows cyber c
bing.com is a well-known, legitimate search engine owned by Microsoft and is not associated with any viruses, malware, and so on. Despite this, many browser hijackers, potentially unwanted applications (PUAs), promote bing.com to give the impression of legitimacy. Typically, users install apps
severeweathercheck.com is one of many fake search engines available and is promoted using the Severe Weather Check application. According to the developers, this site can track weather changes in a specific area when users enter a city or ZIP code. This may seem to be a legitimate and useful app,
Discovered by Michael Gillespie, .SYS is another ransomware-type infection. As with most of these infections, it is designed to block access to files by encryption and keep them locked until ransom demands are met. Once the computer is infected and files are encrypted, .SYS replaces extensions wit
Discovered by Michael Gillespie, Mercury is malicious software (ransomware) that encrypts data and prevents victims from accessing it. Once encryption is finished, all infected files are renamed by adding the ".Mercury" extension. For example, a file with the filename "1.jpg" becomes "1.jpg.Mercur
Kali ransomware is malicious software that cyber criminals (the developers of the software) use to block access to data on an infected computer by encryption. Once encrypted, files become unusable. Kali renames every affected file by changing the extension and adding ".kali". For example, "sample
Discovered by GrujaRS, Forma is a high-risk computer infection that is classified as ransomware. Forma's developers use it to affect computers by encrypting data, thus making files unusable. Files are encrypted using SHA-2 (SHA-256) cryptography and victims cannot use their files unless a ransom i
These email scams are often used to trick recipients into downloading and opening an attachment. In this case, users are encouraged to click a link that leads to a malicious file. Scammers/cyber criminals use "Brexit Email Virus" to distribute Ursnif, a trojan-type computer infection used to recor
Doubleoffset is a computer infection that belongs to the Cryakl ransomware family. Typically, cyber criminals attempt to infect computers with ransomware for the purposes of blackmail - they demand ransom payments in return for decryption tools or keys. Doubleoffset renames all encrypted files by
The internet is full of untrustworthy, rogue websites including barbitinnovans.info. This site is very similar to many other dubious websites such as touchpushthen.info, googlo.co, and hotchedmothe.club. Its main purpose is to redirect users to other dubious/untrustworthy websites. Users often vi