Discovered by xXToffeeXx, PEC 2017 is a ransomware-type virus distributed via spam emails containing a fake CV attachment, which installs malware by employing a CVE-2017-0199 exploit. Once infiltrated, PEC 2017 encrypts various data using AES-256 cryptography. During encryption, PEC 2017 appends
WiseFolderLock is a deceptive application that supposedly allows users to lock various folders. Judging on appearance alone, WiseFolderLock may appear legitimate and useful, however, this app infiltrates systems without consent. Furthermore, it delivers intrusive online advertisements and records
UpdateAdmin is a rogue application claiming to provide various useful features. Although this functionality may seem legitimate, UpdateAdmin is categorized as a potentially unwanted program (PUP) or adware. One of the reasons for these negative associations is a deceptive software marketing metho
Developers present googlescan.ru as a 'high-experience' search engine that enhances the Internet browsing experience by generating improved results. Judging on appearance alone, googlescan.ru barely differs from Bing, Yahoo, Google, and other legitimate search engines. Therefore, many users belie
DownloadManagerNow is a deceptive application developed by Mindspark Interactive Network. By claiming to ease the data download process, DownloadManagerNow attempts to give the impression of legitimacy, however, this app is categorized as a potentially unwanted program (PUP) and a browser hijacker
Mordor is a ransomware-type virus discovered by MalwareHunterTeam. This malware is a based on an open source ransomware project called Hidden Tear. Cyber criminals edit Hidden Tear source code and attempt to generate revenue by providing Mordor as a RaaS (Ransomware-as-a-Service). Mordor is distr
Restore@protonmail.ch is an new version of Fantom ransomware. Once infiltrated, restore@protonmail.ch encrypts files using asymmetric cryptography. As with Fantom, restore@protonmail.ch also displays a fake Windows Update screen during file encryption. Furthermore, this ransomware renames encrypt
OzozaLocker is a ransomware-type virus that infiltrates the system and encrypts various data. During encryption, OzozaLocker appends the ".locked" extension to the name of each encrypted file. For instance, "sample.jpg" is renamed to "sample.jpg.locked". A text file ("HOW TO DECRYPT YOU FILES.txt
Developers present combotab.com as an search engine that generates improved results and, therefore, enhances the Internet browsing experience. Judging on appearance alone, combotab.com may seem legitimate and useful, however, this site gathers various information relating to Internet browsing act
Ranion is a ransomware virus promoted as a RaaS (Ransomware-as-a-Service) in the Dark Web. This malware is designed to encrypt various data using the AES encryption algorithm. Following successful encryption, Ranion opens a pop-up window containing a ransom-demand message. The message states t