We have analyzed this email and found that it is used to deliver a remote administration Trojan called njRat. Cybercriminals behind this campaign pretend to be DHL - a legitimate logistics company. Their goal is to trick recipients into opening a malicious attachment. The letter is disguis
HOUSELOCKER is ransomware discovered by MalwareHunterTeam. This malware damages the Master Boot Record (MBR) to prevent victims from accessing the operating system. It also restarts the operating system and then displays a ransom note. Screenshot of the ransom note displayed after Windows rest
Gilfillan is the name of a malicious program categorized as ransomware, which belongs to the VoidCrypt malware family. After launching a sample obtained from VirusTotal onto our test system, Gilfillan began encrypting files and appended their filenames with a unique ID, the cyber criminals' email
We have discovered ovinspecutions[.]com while analyzing websites that use shady advertising networks (e.g., torrent sites, illegal movie streaming pages). After testing the ovinspecutions[.]com, we learned that it uses a clickbait technique to get permission to show notifications and redirects to
µ-2246-digits-of-pi is the name or ransomware, a new variant of the DeezNuts Crypter ransomware. We have discovered this variant while examining malware samples submitted to VirusTotal. It was found that µ-2246-digits-of-pi encrypts files and inserts its name in their filenames. This ransom note p
While inspecting dubious sites, our research team discovered expressedsupply[.]com. This rogue webpage loads deceptive content, promotes browser notification spam, and causes redirects to other (likely untrustworthy/malicious) websites. Visitors to such sites typically access them via others that
Our team has examined this email and concluded that it is sent by scammers who seek to trick recipients into providing their passwords. The email is disguised as a letter from DHL (a legitimate logistics company)/a shipment notification. It contains an attachment (an HTML file) designed to open a
Toon Explorer is a browser extension promising easy access to cartoon-related online content. We discovered this piece of software while inspecting deceptive download websites. After analyzing Toon Explorer, we determined that it operates as advertising-supported software (adware). Adware
Magala is a Trojan-clicker that performs a form of ad fraud (click fraud). The purpose of this clicker is to connect to specific websites and drive traffic to them. It imitates clicks on those websites. Typically, Trojan-clickers are used to drain the budget of competitors paying for advertising.
During a routine inspection of new submissions on VirusTotal, our researchers found Cj - yet another ransomware belonging to the VoidCrypt family. We executed Cj's sample on our test system, and it began encrypting files and appending their filenames with a unique ID, the attackers' email address