Our team has discovered this scam while examining reported online scams (this one was first reported by Mich). We learned that scammers behind it attempt to steal cryptocurrency wallets (obtain login credentials used to access them). They promote this scam by wriging private messages on Discord (a
Pandora (a rebranded version of Rook ransomware) is the name of ransomware that was discovered by MalwareHunterTeam. After analyzing the sample submitted to VirusTotal, our malware researchers found that Pandora encrypts files and appends ".pandora" extension to filenames. It provides a ransom not
JS/Agent Trojan is a detection name for malicious JavaScript files. Typically, such files (malicious codes) are distributed by injecting them into legitimate websites. Computers get infected after a malicious (or legitimate but compromised) website is visited, and a malicious file is dropped.
Health Adviser is advertised as an app for finding meal plans and recipes. It helps users to learn how to cook. We have discovered this app on a deceptive website offering to download a "recommended Chrome extension". After installing and examining the Health Adviser app, we found that it operates
During a routine inspection of deceptive download pages, our research team discovered the Rainbow Blocker browser extension. This piece of software claims to be an adblocker (online advertisement remover); instead, it operates as adware. After analyzing Rainbow Blocker, we learned that it displays
Our malware researchers have discovered Xcbg while examining malware samples submitted to VirusTotal. It was found that Xcbg is ransomware designed to encrypt and rename files (append the ".xcbg" extension to filenames) and create the "_readme.txt" file. We also learned that Xcbg belongs to the Dj
Kqgs is a ransomware-type program that our research team discovered during a routine inspection of new malware submissions to VirusTotal. We determined that Kqgs belongs to the Djvu ransomware family. After analyzing this malicious program, we learned that it encrypts data and appends the filenam
This malware was discovered by Petrovic. It was found that Bpqd operates as ransomware - it encrypts files. Also, it appends the ".bpqd" extension to filenames (for example, renames "1.jpg" to "1.jpg.bpqd", "2.png" to "2.png.bpqd"), and creates a ransom note ("_readme.txt" file). Bpqd is part of t
Financesurvey[.]site is a deceptive website that displays a fake survey, asks for permission to show notifications, and promotes other websites. Our team has discovered this site while examining illegal movie streaming, torrent, and similar pages. It was concluded that this page cannot be trusted.
Our team has discovered a ransomware variant called Report while inspecting the malware samples submitted to VirusTotal. It was found that Report is of the ransomware variants that belong to the Xorist family. Once executed, it encrypts files and appends the ".report" extension to filenames. Repo