While inspecting new malware submissions to VirusTotal, our research team discovered the Strip4you ransomware. We determined that this malicious program is part of the Xorist ransomware family. On our test machine, Strip4you encrypted files and appended their filenames with a ".strip4you" extensi
We have discovered malware called Quantum while analyzing the samples submitted to the VirusTotal page. It was learned that Quantum is ransomware that encrypts files and appends the ".quantum" extension to filenames. It also generates an HTML file named "README_TO_DECRYPT.html" containing a ransom
After analyzing the "E-mail To You From An Account Of Yours" letter, our researchers determined that it is a sextortion scam. This email falsely claims that the sender has an explicit video of the recipient, which will be leaked to their contacts - unless a ransom is paid. It must be emphasized t
Desktopnotificationsnews[.]com is a deceptive website that we have discovered while analyzing torrent, illegal movie streaming, and other sites that use shady advertising networks. After examining desktopnotificationsnews[.]com, we learned that it attempts to trick visitors into allowing it to sho
It is a pop-up scam displayed by a deceptive website that our team has discovered while examining sites (illegal movie streaming, torrent, and similar sites) that use rogue advertising networks. We found that the purpose of this scam is to trick visitors into believing that their computers are inf
During a routine inspection of untrustworthy websites, our researchers discovered the vinkens[.]com deceptive site. When we inspected this page, we learned that it promotes several scams. While they make different claims, their goals are likely the same - to endorse untrustworthy or malicious so
DOC/TrojanDownloader.Agent is a detection name for malicious Microsoft Office documents (for example, Word, Excel). The purpose of such documents is to infect computers with malware. Computers get infected once macros commands in these documents are enabled. Most cybercriminals disguise them as in
During a routine inspection of rogue webpages, our researchers discovered ourcommonstories[.]com. This site is designed to push browser notification spam and redirect visitors to other (likely untrustworthy/harmful) websites. It is noteworthy that most visitors to pages like ourcommonstories[.]com
While inspecting shady websites, our researchers found Apollo Tab's promotional page. This browser extension is presented as a tool that supposedly allows users to customize the browser's homepage and "stimulate [their] productivity". After analyzing this piece of software, we learned that Apollo
When looking through support forums, our research team learned of the Ranger3X ransomware (a new variant of TeslaRVNG) from a report made by a victim's representative. We have sampled this malware from VirusTotal and executed it on our test machine. Ranger3X encrypted the files on our test system