Forest Start Tabs is a browser hijacker designed to promote foreststarttabs.com - a fake search engine. It hijacks a web browser by changing its settings. Our malware researchers have discovered Forest Start Tabs while examining various deceptive websites and sites that use rogue advertising netwo
"Army of Ukraine need your support" is a scam email our researchers discovered and analyzed. This fake letter urges recipients to donate to the Ukrainian army in their efforts to protect their country's independence. With the onset of war in Ukraine, cyber criminals have taken to abusing these har
Haruna is ransomware that has been discovered by our team during the analysis of malware samples submitted to VirusTotal. We have found that Haruna encrypts files (it targets certain file formats), appends the ".Haruna" extension to filenames, and displays a ransom note in a pop-up window. An exa
SmartTransaction is an adware-type application that our research team discovered while reviewing new submissions to VirusTotal. We also learned that this app belongs to the AdLoad malware family. Adware may require certain conditions to run intrusive advertisement campaigns (i.e., displa
Our malware researchers have discovered SmartTask while checking the samples on VirusTotal. After examining SmartTask, it was found that this app displays various advertisements. Apps that operate this way are classified as adware. In most cases, adware is distributed using questionable methods.
Sdjm is malware belonging to a family of ransomware called Djvu. We have discovered this ransomware variant while checking VirusTotal for recently submitted malware samples. Sdjm encrypts files and appends the ".sdjm" extension to filenames (for example, it renames "1.jpg" to "1.jpg.sdjm", "2.exe"
Herebelf[.]xyz is a deceptive website designed to trick visitors into allowing it to show notifications. Also, it redirects visitors to other shady pages. Our team has discovered herebelf[.]xyz while testing various websites that use rogue advertising networks. Herebelf[.]xyz uses a clickb
SABS is ransomware - malware that encrypts files. We have discovered it while checking VirusTotal for recently submitted malware samples. It was found that SABS not only encrypts but also renames files (by appending the ".SABS" extension to filenames) and creates the "RESTORE_FILES_INFO.txt" file
Mydailynewz[.]com is a rogue website our research team discovered while inspecting untrustworthy sites. It is designed to promote browser notification spam and redirect visitors to other unreliable/malicious webpages. Most visitors access pages like mydailynewz[.]com unintentionally via redirects
During a routine inspection of rogue websites, our researchers found the dollarsurvey24[.]com page. It is designed to load deceptive content, promote browser notification spam, and redirect visitors to other dubious/malicious sites. Most visitors to dollarsurvey24[.]com and similar webpages access