While browsing suspicious sites, our research team discovered the "AVG - Your Subscription Has Expired" scam. It claims that the website visitor's AVG subscription has expired, and their computer is at risk. This scam is not associated with the actual AVG AntiVirus. The goal of this deceptive page
888 is the name of a malicious program classed as ransomware. This malware operates by encrypting files and demanding payment for the decryption. On our testing system, the ransomware encrypted files and appended their names with a ".888" extension. For example, a file initially titled "1.jpg" as
Our research team discovered the CrazyHunter ransomware while reviewing new submissions to the VirusTotal website. This malicious program is designed to encrypt data and demand ransoms for the decryption. After we executed a sample of CrazyHunter on our testing system, it encrypted files and adde
Salvador Stealer is malware targeting Android users. It is disguised as a banking application and extracts sensitive information from infected devices. Salvador Stealer sends the stolen details via Telegram Bot API. Victims should scan their devices and eliminate the malware as soon as possible.
We have inspected Nullhexxx, a malware discovered while analyzing samples submitted to VirusTotal, and found that it operates as ransomware. Nullhexxx encrypts files, appends an email address and the victim's ID to filenames, changes the desktop wallpaper, and provides a ransom note ("READ-ME-Null
This "Tornado Cash" scam refers to deceptive websites that imitate the Tornado Cash (TornadoCash) platform. These fake pages are not associated with this cryptocurrency tumbler. The scam sites aim to trick users into exposing their wallets to a crypto drainer, and victims experience financial loss
Our examination of the site has revealed that it hosts a technical support scam where fake pop-ups appear to trick unsuspecting visitors into taking certain actions. Usually, such scams use fear tactics to deceive individuals. If this or a similar scam website is encountered, it should be ignore
Our researchers found the ZasifrovanoXTT2 malicious program while inspecting new submissions to the VirusTotal website. This software is part of the Xorist ransomware family. Malware of this kind encrypts data and demands payment for the decryption. On our test machine, ZasifrovanoXTT2 encrypted
We have tested AnalyzerAccess and discovered that it delivers annoying advertisements. For this reason, we classified AnalyzerAccess as adware. Our other finding is that this app has been flagged as malicious, which means it can display deceptive ads designed to open untrustworthy websites.
We have inspected RestoreBackup (which we discovered during analysis of malware samples submitted to VirusTotal) and determined that it is ransomware designed to encrypt files. In addition to blocking access to files, RestoreBackup renames them (by appending ".{random_string}.restorebackup") and d