While browsing new file submissions to the VirusTotal website, our researchers discovered Monkey ransomware. This malicious program is designed to encrypt data and demand payment for its decryption. On our test machine, this ransomware encrypted files and added a ".monkey" extension to their name
Lexornero.co[.]in is the address of a rogue page that promotes browser notification spam and generates redirects to other (likely untrustworthy/dangerous) websites. Most visitors to this webpage access it via redirects caused by sites that use rogue advertising networks. In fact, our researchers d
Our research team found the kyronero.co[.]in rogue webpage during a routine inspection of untrustworthy sites. Upon examination, we learned that it promotes spam browser notifications and redirects visitors to different (likely unreliable/dangerous) websites. Most users access pages like kyronero.
While inspecting munprost[.]com, we found that the site is deceptive. Once accessed, it displays a fake message to lure visitors into agreeing to receive its notifications. Moreover, if munprost[.]com obtains this permission, it sends fake warnings and similar messages to promote other potentially
Kyber is ransomware that we discovered while checking malware samples submitted to VirusTotal. Our analysis shows that Kyber encrypts files and appends ".#~~~" to filenames. For example, it changes "1.jpg" to "1.jpg.#~~~", "2.png" to "2.png.#~~~", and so forth. Kyber also creates a ransom note ("R
Our team discovered Stolen, a ransomware variant belonging to the MedusaLocker family, while examining samples uploaded to VirusTotal. Upon infiltration, Stolen encrypts files and appends the ".stolen30" extension (the number might vary) to filenames. Also, it provides a ransom note, "READ_NOTE.ht
During our examination, we discovered that tepinursh[.]com uses clickbait to deceive visitors into consenting to get notifications from it. Once the page has permission to show notifications, it can bombard users with fake warnings and other misleading messages to trick users into opening other po
Our analysis shows that missoper[.]com is a deceptive website designed to mislead visitors into enabling notifications. Once permitted, it can send fake alerts that may expose users to online risks. Therefore, it is best to avoid missoper[.]com and never allow similar pages to deliver notification
We have inspected novixnero.co[.]in and determined that it is a misleading website created to trick visitors into agreeing to receive notifications. If allowed, it can deliver fake warnings. Interacting with notifications from novixnero.co[.]in can expose users to various online threats. Thus, thi
While investigating questionable websites, our research team found krouns.co[.]in. This rogue page promotes browser notification spam and produces redirects to different (likely unreliable/hazardous) sites. Most users access webpages like krouns.co[.]in via redirects caused by websites utilizing r