LKS is a piece of malicious software classified as ransomware that our research team discovered during a routine inspection of new submissions to VirusTotal. After analyzing this program, we determined that it belongs to the Phobos ransomware family. Once a sample was executed on our test system,
During a routine inspection of rogue websites, our researchers discovered the masterofkeeps[.]xyz website, which in turn resulted in us learning of the "Your Windows 10 is infected with viruses" scam. This scheme makes false claims about visitors' devices being infected in order to gain and subseq
Our malware researchers have found Escobar while inspecting hacker forums. It is a banking Trojan targeting Android users. We learned that at the moment, its developer is offering to purchase a monthly subscription of the Beta version for $3000. After reading the description of the Escobar
Koobn is a ransomware-type program that our research team sampled from VirusTotal. Malware of this type is designed to render data inaccessible and demand ransoms for the recovery. Once launched on our test machine, this ransomware encrypted files and appended their filenames with a random charac
We have discovered SSJ while analyzing the samples submitted to VirusTotal. It was concluded that SSJ is ransomware - malware that encrypts files. Additionally, SSJ appends the ".BUYBITCOIN" extension to filenames (for example, it renames "1.jpg" to "1.jpg.BUYBITCOIN", "2.png" to "2.png.BUYBITCOIN
During a routine inspection of untrustworthy websites, our research team found the mywebprotector[.]com page. This site promotes deceptive material, pushes browser notification spam, and redirects visitors to other unreliable and malicious webpages. While most users enter pages like mywebprotecto
Our team has discovered an adware-type application named ReviewVenture while inspecting the samples submitted to VirusTotal. Since ReviewVenture is adware, its purpose is to generate advertisements. In most cases, adware gets downloaded and installed inadvertently (it is promoted/distributed usi
While inspecting new submissions on VirusTotal, our researchers discovered the SolveCenter application. After analyzing it, we learned that SolveCenter operates as adware and is part of the AdLoad malware family. Adware can require certain conditions to run intrusive advertisement campai
Our malware researchers have discovered Vyia while checking the samples submitted to VirusTotal. They found that Vyia is ransomware that encrypts files, changes their extension, and creates the "_readme.txt" file. An example of how Vyia renames files: it changes "1.jpg" to "1.jpg.vyia", "2.png" t
Deeginews[.]com displays deceptive content to trick visitors into agreeing to receive notifications and redirects to shady websites. Our team has discovered deeginews[.]com while analyzing other sites that use rogue advertising networks. In most cases, sites like deeginews[.]com get visited uninte