While reviewing file submissions to the VirusTotal site, our research team discovered the Cod ransomware. This malicious program is part of the Makop ransomware family. Malware of this kind encrypts data and demands a ransom for the decryption. Once we executed a sample of Cod on our test machine
DroidLock is Android malware that behaves much like ransomware. However, unlike typical ransomware, it does not encrypt files. The malware blocks victims from using their devices and can view or even delete different types of data. Cybercriminals utilize DroidLock to extort money from victims.
Our researchers discovered the AdBlocker Expert rogue browser extension while browsing suspicious websites. This software is promoted as an ad-blocking tool; however, upon analysis, we determined that it operates as adware. Adware stands for advertising-supported software. It is designed t
Upon examining forthdoosymellm[.]com, we found that it is designed to trick visitors into allowing notifications. This website is untrustworthy and may send misleading alerts promoting other unsafe sites. If opened, forthdoosymellm[.]com should be closed and never permitted to send notifications t
Cooseagroup is a ransomware discovered by our researchers during a routine inspection of new file submissions to the VirusTotal website. Malware of this kind operates by encrypting data in order to demand a ransom for its decryption. On our test machine, Cooseagroup encrypted files and modified t
After reviewing the email, our team determined it is a fraudulent message pretending to be from an email service provider. It is designed to look trustworthy to trick recipients into accessing a fake website and providing personal information. Engaging with this email could result in account compr
Our team has inspected the email and found that it is a fake notification from an email service provider. It is crafted to appear legitimate to trick recipients into opening a deceptive website and following the provided instructions. Trusting this email can lead to account hijacking and other pro
Our team has determined that this is a phishing email disguised as a security warning from the email service provider. The email provides a misleading link to trick recipients into opening a fake web page and revealing personal information. Victims of this scam may be unable to access their accoun
NOCT is ransomware that we have discovered during an analysis of samples submitted to VirusTotal. Our inspection shows that NOCT encrypts files, appends the ".NOCT" extension to filenames, changes the desktop wallpaper, and drops a ransom note ("READ_ME.txt"). An example of how NOCT renames files:
During our inspection, we found that manualssearch.com is a fake search engine promoted through an extension, a browser hijacker named Manuals Search. Typically, browser hijacking involves changing the settings within a web browser. Fake search engines and extensions promoting them can expose user