Qotr, a variant belonging to the Djvu ransomware family, encrypts data and adds the ".qotr" extension to filenames. Qotr creates a "_readme.txt" file to provide contact and payment information. As an illustration of its file renaming method, Qotr changes "1.jpg" to "1.jpg.qotr", "2.png" to "2.png.
Our research team discovered the Quick Video Find browser extension during a routine investigation of untrustworthy websites. Quick Video Find promises the functionality of providing easy access to free downloads of audio/video from browsed websites. However, after inspecting this extension, we de
While investigating suspicious websites, our researchers found one endorsing the Hockey Start browser extension. It is presented as a tool for quick access to hockey sports related online content. However, after we analyzed this extension, we determined that it changes browser settings to promote
Our research team discovered the Music application while inspecting suspicious websites. After investigating this app, we determined that it is advertising-supported software (adware). In other words, Music operates by running intrusive advertisement campaigns. Adware is designed to delive
Finder-search.com is the address of a fake search engine. Websites of this type usually cannot provide search results, and while finder-search.com can – they are likely to include unrelated and deceptive content. Illegitimate search engines are commonly promoted (through redirects) by browser hija
Atlantida is the name of a stealer. Malware within this classification is designed to extract sensitive information from systems and applications installed on them. The Atlantida stealer has been observed being actively spread through suspicious freeware and "cracked" software websites. As
Qowd is ransomware that encrypts files on a victim's computer and demands a ransom payment in exchange for decryption tools. Our team discovered Qowd while checking the VirusTotal site for recently submitted malware samples. Qowd is a variant of the Djvu ransomware family. It may be distributed al
Qoqa is a type of ransomware that belongs to the Djvu family. Our research team discovered it while examining malware samples submitted to VirusTotal. Once it infects a computer, it encrypts the victim's files and renames them by appending the ".qoqa" extension to the end of the original filename.
While examining energysearch.co, we found that it is a shady search engine that may provide misleading results. Typically, search engines of this kind are promoted through browser hijackers. Apps of this type modify the settings of web browsers to promote search engines. Energysearch.co ma
While investigating suspicious websites, our research team found the mp3-convert[.]org page. It operates as a YouTube converter, i.e., the site allows users to convert said platform's video links to downloadable MP3 files. This service break copyright laws. What is more, mp3-convert[.]org is monet