We have discovered a new Djvu ransomware variant called Nuhb. It was found while examining malware samples submitted to VirusTotal. While analyzing Nuhb, we learned that it encrypts files and appends the ".nuhb" extension to filenames. Also, it provides a ransom note - it creates a text file named
Dwqs encrypts files and appends the ".dwqs" extension to filenames. Also, it creates the "_readme.txt" file (a ransom note). Dwqs is ransomware that belongs to the Djvu family. We have discovered this ransomware variant while inspecting malware samples submitted to the VirusTotal page. An example
We have discovered the MajorLauncher application while auditing shady websites offering to install software updates (download a fake Adobe Flash Player installer). While testing the app, we found that it operates as adware - it generates unwanted advertisements. Typically, apps like Majo
Notadsreviews[.]com is a shady website that displays deceptive content to trick visitors into allowing it to show notifications. Moreover, it redirects to other untrustworthy websites. Our team has discovered notadsreviews[.]com while examining pages that use rogue advertising networks. No
We have discovered this app on a deceptive website offering to download a software update. After installing and examining the OnlineDisplay, we found that it operates as adware - it displays annoying advertisements. It is worth mentioning that there are plenty of apps like OnlineDisplay, and mos
make dark is the name of a typical advertising-supported application. The purpose of such apps is to generate annoying advertisements. Typically, they are promoted and distributed using questionable (often deceptive) methods. Our team has discovered at least two shady websites promoting the make d
Extra-Dark is a browser extension supposedly capable of enabling dark mode for simple design websites. Our research team discovered this piece of software while inspecting dubious download webpages. After analyzing Extra-Dark, we determined that it operates as adware. Adware may require ce
Stopfiles is ransomware that belongs to the MedusaLocker ransomware family. It encrypts files and appends the ".stopfiles" extension to filenames. We have discovered it while checking the VirusTotal for recently submitted malware samples. Stopfiles provides a ransom note in the "Recovery_Instructi
While inspecting untrustworthy websites, we found the kerbians[.]click rogue page. It operates by loading deceptive material, promoting spam browser notifications, and causing redirects to (likely dubious/malicious) sites. Webpages likes kerbians[.]click are usually accessed inadvertently. Most us
blockZ is a piece of malicious software categorized as ransomware. Our research team discovered this program while inspecting new malware submissions to VirusTotal. After we executed a sample of blockZ on our test system, it encrypted files and appended their filenames with a ".blockZ" extension.