Our researchers discovered the ETHAN ransomware while investigating file submissions to the VirusTotal website. This program is part of the MedusaLocker ransomware family. We executed a sample of this malware on our testing system and learned that the files it encrypts are renamed as well. Origin
Our team has reviewed myamericanprizes3[.]com and concluded that it is a deceptive web page. It requests personal information and permission to show notifications. If allowed, myamericanprizes3[.]com can deliver notifications that promote scams and other dubious sites. For these reasons, myamerica
We have examined myrewardslocker[.]com and found that it can deliver unwanted notifications. However, the site can only do so if visitors grant it such permission. In addition to requesting permission to show notifications, myrewardslocker[.]com displays misleading content. Overall, myrewardslocke
Marcher is a banking trojan targeting Android devices. This malware is multi-functional and its primary goal to acquire banking and other finance-related information. Marcher has been around since at least 2013 and has undergone changes throughout the years. Upon installation, Marcher requ
Modefender[.]xyz is the address of a rogue webpage that promotes browser notification spam and redirects users to other (likely unreliable/dangerous) sites. At the time of research, this page used a CAPTCHA-themed lure. Most visitors access webpages of this kind via redirects caused by websites t
Our researchers discovered libruies[.]com while investigating dubious websites. Upon examination, we learned that this rogue webpage endorses browser notification spam and redirects users to different (likely untrustworthy/harmful) sites. The majority of visitors to libruies[.]com and analogous p
Vgod is ransomware designed to encrypt files and append the ".Vgod" extension to them. Also, it changes the desktop wallpaper and provides a ransom note named "Decryption Instructions.txt". Cybercriminals behind Vgod use the malware to extort money from victims. An example of how Vgod renames fil
FrigidStealer is a malware targeting Mac operating systems. This malicious program is classed as a stealer, and as the classification implies – it is designed to steal sensitive information. FrigidStealer has been observed being spread via Web inject campaigns that redirect users to dedicated we
Zhong Stealer is a piece of malware that infects Windows systems, stays active, and steals sensitive data while avoiding detection. It uses various tricks to remain hidden, gather information, and keep control of the infected system. If the system is compromised, Zhong Stealer should be removed as
In our analysis, we found that getelltheprecise[.]org, if allowed, can send unwanted notifications. The site uses clickbait to obtain permission to send them. Web pages like getelltheprecise[.]org should not be permitted to show notifications to avoid scams, unwanted downloads, and other threats.