Sdjm is malware belonging to a family of ransomware called Djvu. We have discovered this ransomware variant while checking VirusTotal for recently submitted malware samples. Sdjm encrypts files and appends the ".sdjm" extension to filenames (for example, it renames "1.jpg" to "1.jpg.sdjm", "2.exe"
Herebelf[.]xyz is a deceptive website designed to trick visitors into allowing it to show notifications. Also, it redirects visitors to other shady pages. Our team has discovered herebelf[.]xyz while testing various websites that use rogue advertising networks. Herebelf[.]xyz uses a clickb
SABS is ransomware - malware that encrypts files. We have discovered it while checking VirusTotal for recently submitted malware samples. It was found that SABS not only encrypts but also renames files (by appending the ".SABS" extension to filenames) and creates the "RESTORE_FILES_INFO.txt" file
Mydailynewz[.]com is a rogue website our research team discovered while inspecting untrustworthy sites. It is designed to promote browser notification spam and redirect visitors to other unreliable/malicious webpages. Most visitors access pages like mydailynewz[.]com unintentionally via redirects
During a routine inspection of rogue websites, our researchers found the dollarsurvey24[.]com page. It is designed to load deceptive content, promote browser notification spam, and redirect visitors to other dubious/malicious sites. Most visitors to dollarsurvey24[.]com and similar webpages access
We have discovered the Meme Finder application on a deceptive website encouraging us to "download and install recommended Chrome extension". After examining this app, we have learned that it generates advertisements (operates as adware). It is described as an app allowing users to search and disco
"Cortana - It seems your PC is locked out" is a technical support scam, which our researchers found while inspecting sites that use rogue advertising networks. Scams of this type aim to trick users into calling fake helplines to resolve computer-related issues. Once on the line, victims are lured
The webjustpush[.]com site displays a fake CAPTCHA to trick visitors into allowing it to show notifications. Also, it redirects to other untrustworthy pages. Our team has discovered webjustpush[.]com while examining websites that use rogue advertising networks (various illegal movie streaming site
Jester Stealer was first analyzed by Cyble Research Labs when it surfaced on hacker forums back in July 2021. This piece of malicious software is designed to extract a wide variety of sensitive information from infected devices. Jester targets account credentials, browsing data, and financial/bank
We have discovered the Xgpr while checking VirusTotal for recently submitted malware samples. Xgpr is ransomware that encrypts files and provides instructions on how to contact the attackers for decryption. It generates two ransom notes: one in a pop-up window and another in the "FILES ENCRYPTED.t