Our analysis of the "Due To Recent Upgrade Or Error" email uncovered that it is spam use for phishing purposes. This letter baits recipients into disclosing their email account log-in credentials by claiming that the password will expire soon. When users press either of the links in the email, the
SiMay is the name of malware designed to allow an attacker to remotely control/access an infected computer. This type of malware is called a Remote Administration Trojan (RAT). RATs are used to steal information or files, distribute malware, and for other purposes. We have discovered SiMay while e
Unlocker is a ransomware-type program. After being launched on our test machine, this ransomware encrypted files and appended their filenames with ".[unlocker@onionmail.org].[victim's_ID].lock", consisting of the attackers' email address, a unique ID assigned to the victim, and the ".lock" extensi
Bomber is ransomware variant that belongs to the Amnesia ransomware family. We have discovered Bomber ransomware while checking VirusTotal for recently submitted malware samples. This variant encrypts files and modifies filenames by replacing their names with a string of random characters and appe
Our team has tested the BrowserDisplay application and found that it operates as adware - it generates intrusive advertisements. We have discovered this application while examining various shady websites. Typically, apps like BrowserDisplay are promoted and distributed using deceptive methods.
Noobilubi[.]com displays deceptive content to trick visitors into allowing it to show notifications and redirects them to other pages designed to do the same. Typically, these pages do not get visited on purpose. Our team has discovered noobilubi[.]com during periodical research on other shady web
The purpose of hipnoticrec[.]biz is to trick visitors into agreeing to receive notifications and redirect them to shady websites. We have discovered hipnoticrec[.]biz while examining web pages that use rogue advertising networks. It cannot be trusted or should be allowed to deliver notifications.
Our research team found the express-new[.]com rogue webpage during a routine inspection of untrustworthy sites. It is designed to lure visitors into allowing it to deliver browser notification spam. Express-new[.]com is also capable of redirecting users to other (likely unreliable/malicious) websi
17uoEtuihi6Lsg4hdedT7PUhF4FNgBPD2F is a clipper-type malicious program, which our researchers discovered while inspecting "cracked" software download websites. Also known as "clipboard hijackers", malware of this type is designed to replace the data copied into the clipboard. Clippers are used to
MetaStealer is the name of an information stealer. Our team has discovered MetaStealer after analyzing a malspam campaign - an email sent by cybercriminals with a malicious file (MS Excel document) attached to it. Malware of this type gathers login information, credit card details, and other sensi