"HTML/Phishing" refers to HTML-based content primarily used for phishing. HTML stands for HyperText Markup Language - a language for content designed to be displayed on a Web browser. Phishing is a scam in which victims are tricked into disclosing sensitive information. However, material classifie
HyperText Markup Language (HTML) is a content language for Internet browser display. Hence, "HTML/Fraud" refers to HTML-based content used for fraudulent purposes. Additionally, "HTML/Fraud" or similar variations are used by some anti-virus programs as detection names. This term encompasses a wid
Our team has discovered this scam while examining reported online scams (this one was first reported by Mich). We learned that scammers behind it attempt to steal cryptocurrency wallets (obtain login credentials used to access them). They promote this scam by wriging private messages on Discord (a
Pandora (a rebranded version of Rook ransomware) is the name of ransomware that was discovered by MalwareHunterTeam. After analyzing the sample submitted to VirusTotal, our malware researchers found that Pandora encrypts files and appends ".pandora" extension to filenames. It provides a ransom not
JS/Agent Trojan is a detection name for malicious JavaScript files. Typically, such files (malicious codes) are distributed by injecting them into legitimate websites. Computers get infected after a malicious (or legitimate but compromised) website is visited, and a malicious file is dropped.
Health Adviser is advertised as an app for finding meal plans and recipes. It helps users to learn how to cook. We have discovered this app on a deceptive website offering to download a "recommended Chrome extension". After installing and examining the Health Adviser app, we found that it operates
During a routine inspection of deceptive download pages, our research team discovered the Rainbow Blocker browser extension. This piece of software claims to be an adblocker (online advertisement remover); instead, it operates as adware. After analyzing Rainbow Blocker, we learned that it displays
Our malware researchers have discovered Xcbg while examining malware samples submitted to VirusTotal. It was found that Xcbg is ransomware designed to encrypt and rename files (append the ".xcbg" extension to filenames) and create the "_readme.txt" file. We also learned that Xcbg belongs to the Dj
Kqgs is a ransomware-type program that our research team discovered during a routine inspection of new malware submissions to VirusTotal. We determined that Kqgs belongs to the Djvu ransomware family. After analyzing this malicious program, we learned that it encrypts data and appends the filenam
This malware was discovered by Petrovic. It was found that Bpqd operates as ransomware - it encrypts files. Also, it appends the ".bpqd" extension to filenames (for example, renames "1.jpg" to "1.jpg.bpqd", "2.png" to "2.png.bpqd"), and creates a ransom note ("_readme.txt" file). Bpqd is part of t