CABP is ransomware that our team has discovered while analyzing malware samples submitted to VirusTotal. We found that it encrypts and renames (by appending the ".CABPRANSOM_ENCRYPTED" extension) files and displays a pop-up window containing a ransom note. The CABP ransomware was first discovered
Our malware researchers have discovered the Maiv ransomware while analyzing malware samples recently submitted to VirusTotal. After testing the ransomware, we have learned that it belongs to the Djvu family. Maiv has three key qualities: it encrypts files, appends the ".maiv" extension to filename
Detected by our researchers on new submissions to VirusTotal, VirtualGuest is a rogue application. During analysis, we discovered this piece of software to be an adware-type app belonging to the AdLoad malware family. Adware may require certain conditions to be met (e.g., compatible devi
Mp3fromyou[.]tube is an untrustworthy website, which our research team found when inspecting rogue advertising networks. This site offers the illegal service of converting YouTube videos (via links) to downloadable MP3 audio files. In addition to breaking copyright laws, visiting/using mp3fromyou
Discovered by malware analyst 3xp0rt, Allcome is a clipper-type malicious program. Malware of this type targets cryptocurrencies by replacing clipboard (copy-paste buffer) data for outgoing transactions. Our researchers have looked into Allcome clipper's online promotional material. We fou
Discovered by our research team during a routine inspection on new submissions into VirusTotal, Wgbkr is a ransomware-type program. When launched on our test machine, it encrypted files and appended their filenames with a random character string and the ".wgbkr" extension. For example, a file ori
We have read about the DarkWatchman malware in a blog post written by other malware researchers. We've learned that DarkWatchman is a JavaScript-based Remote Access Trojan (RAT) that cybercriminals distribute using malicious email attachments. We also found that DarkWatchman does not write any fil
Granda Misha is a multifunctional trojan-type malware. Our researchers obtained a sample from VirusTotal and subsequently analyzed and researched this malicious program. Granda Misha has a broad list of functions, meaning that it can be used for varied purposes and cause a wide variety of serious
We have discovered this deceptive page while examining other pages that use questionable advertising networks. The purpose of this site is to trick visitors into downloading and executing a file that is supposed to update the Chrome browser. Our team has downloaded the file and learned that it is
Quick Tag is a rogue browser extension, which our research team has determined to be a browser hijacker. This piece of dubious software modifies browsers to promote the quicknewtab.com fake search engine. Once installed onto our test machine, we observed Quick Tag assigning quicknewtab.com