Qbaa is a piece of malicious software belonging to the Djvu ransomware family. Our researchers discovered a sample of this ransomware on VirusTotal. After analyzing it, we found that this malicious program encrypts files and appends their filenames with the ".qbaa" extension. For example, a file
Our team has discovered the Fopa ransomware (which is part of the Djvu family) while examining malware samples submitted to VirusTotal. The purpose of Fopa is to encrypt files. Also, it renames all encrypted files by appending the ".Fopa" extension and creates the "_readme.txt" file containing con
We detected the reL ransomware variant (which belongs to the Dharma ransomware family) while checking the samples submitted to VirusTotal. We found that reL encrypts files and appends the victim's ID, release@techmail.info email address, and the ".reL" extension to filenames. Also, it displays a p
Protecthub[.]xyz displays deceptive content to fraudulently promote legitimate software and asks for permission to show notifications. Additionally, it might be designed to redirect visitors to other shady websites. Our team has discovered protecthub[.]xyz while examining sites that use rogue adve
Data Shield for Chrome is a browser hijacker designed to promote search.wiseghostapp.com - a fake search engine. It hijacks a web browser by changing its settings. Our malware researchers have found Data Shield for Chrome on a deceptive website promoted via other sites that use questionable advert
Read-new-post[.]com displays deceptive content to get permission to feed visitors with shady advertisements. It also redirects to untrustworthy pages. We have discovered it while inspecting pages that use rogue advertising networks (illegal movie streaming pages, torrent sites, etc.). Read
Detectvid[.]com is a rogue webpage that we discovered during a routine inspection of shady sites. It is designed to trick visitors into enabling its spam browser notifications and cause redirects to other untrustworthy/malicious websites. Users typically enter such pages via redirects caused by si
We discovered the masterofkeeps[.]xyz webpage while researching untrustworthy sites. This rogue page loads deceptive content, pushes browser notification spam, and redirects visitors to other unreliable/hazardous websites. Most users enter sites like masterofkeeps[.]xyz through others that use rog
LKS is a piece of malicious software classified as ransomware that our research team discovered during a routine inspection of new submissions to VirusTotal. After analyzing this program, we determined that it belongs to the Phobos ransomware family. Once a sample was executed on our test system,
During a routine inspection of rogue websites, our researchers discovered the masterofkeeps[.]xyz website, which in turn resulted in us learning of the "Your Windows 10 is infected with viruses" scam. This scheme makes false claims about visitors' devices being infected in order to gain and subseq