During a routine inspection of rogue webpages, our researchers discovered the playgamego[.]xyz rogue site. It is designed to promote browser notification spam and redirect visitors to other (likely untrustworthy/harmful) websites. Most users access sites like playgamego[.]xyz through redirects cau
News-voxodo[.]cc is a deceptive website that we have discovered while examining other pages that use rogue advertising networks. After inspecting this page, we found that it displays deceptive content to trick visitors into agreeing to receive notifications. Also, it redirects to another shady web
Decrypt is the name of ransomware that our team has discovered while examining malware samples submitted to the VirusTotal page. This ransomware encrypts files (and modifies their filenames), and generates two ransom notes ("info.hta" and "info.txt"). It belongs to a ransomware family called Phobo
Eegeeglou[.]com is a website that uses a clickbait technique to trick visitors into allowing to show notifications. Also, it redirects to other pages. We discovered eegeeglou[.]com while inspecting various pages that use rogue advertising networks (for example, illegal movie streaming pages, torre
CRYPTER v2.40 is a piece of malicious software classified as ransomware. Programs within this classification are designed to encrypt files and demand payment for the decryption. After we launched a sample of CRYPTER v2.40 on our test machine, it encrypted files and appended their filenames with a
Zfdv is the name of a ransomware variant belonging to the Djvu family. Our team discovered it while checking the VirusTotal page for recently submitted malware samples. We found that Zfdv encrypts files and appends ".zfdv" extension to filenames. It also provides a ransom note (creates the "_readm
While analyzing malware samples submitted to the VirusTotal page, our team discovered a new ransomware variant (belonging to the Djvu family) called Ewdf. We found that Ewdf encrypts files and appends the ".ewdf" extension to filenames. Also, it creates a text file (named "_readme.txt") that conta
While examining malware samples submitted to VirusTotal, we discovered a Djvu ransomware variant called Uihj. It encrypts files and modifies their filenames (appends the ".uihj" extension to filenames) and creates a ransom note (creates a text file named the "_readme.txt"). An example of how Uihj
InitialSprint is a piece of rogue software that our researchers discovered while inspecting new submissions to VirusTotal. Our analysis of this application revealed that it is advertising-supported software (adware) belonging to the AdLoad malware family. Adware is designed to run intrus
While inspecting questionable sites, our research team found the news-neduda[.]com rogue page. It operates by pushing browser notification spam and redirecting visitors to other (likely untrustworthy/malicious) websites. Users typically enter sites of this kind via redirects caused by webpages usi