Our team has discovered the QuickCouponSearch application on a shady website. After testing the app, it was concluded that QuickCouponSearch is a browser hijacker. This app hijacks web browsers by changing their settings. The purpose of QuickCouponSearch is to promote quickcouponsearch.com - a fak
Recently, it has been popular among scammers to send coronavirus-related emails to trick recipients into transferring money, providing sensitive information, and other purposes. We have examined this email and concluded that it is just another pandemic-related email scam. Scammers behind it attemp
News-govuhu[.]cc is a rogue site, which our researchers discovered while inspecting dubious webpages. It is designed to load questionable content, push browser notification spam, and redirect visitors to other (likely untrustworthy or malicious) websites. News-govuhu[.]cc and similar pages are ra
Kabil is ransomware based on another ransomware variant called Chaos. It encrypts files and appends ".kabil" extension to filenames. Also, Kabil changes the desktop wallpaper and creates the "read_it.txt" file (both containing ransom notes). Our malware researchers have discovered this ransomware
ProfessionalHelper is a rogue app that our research team discovered while inspecting new submissions to VirusTotal. Our analysis revealed that this application operates as adware. Additionally, we learned that ProfessionalHelper belongs to the AdLoad malware family. Adware may not displa
We have found a new ransomware variant from the Djvu family named Pphg while examining malware samples submitted to VirusTotal. It was found that Pphg encrypts files and appends the ".pphg" extension to filenames (for example, it renames "1.jpg" to "1.jpg.pphg", "2.jpg" to "2.jpg.pphg"), and creat
Allprofitsurvey[.]top is an untrustworthy website that displays deceptive content (runs a fake survey) and asks for permission to show notifications. We discovered this site while inspecting other untrustworthy pages (such as illegal movie streaming and torrent sites) that use shady advertising ne
While researching untrustworthy sites, we discovered the desktopnotificationsonline[.]com webpage. This rogue page is designed to push browser notification spam and redirect visitors to other (likely unreliable/hazardous) websites. Most users enter rogue pages via others that use rogue advertising
SunnyDay is the name of ransomware that we discovered while inspecting malware samples submitted to VirusTotal. Our malware researchers found that SunnyDay encrypts files, appends ".SunnyDay" extension to filenames, and generates a ransom note (the "!-Recovery_Instructions-!.txt" file). An exampl
Discovered by the MalwareHunterTeam, Goose is a piece of malicious software categorized as ransomware. We sampled it from VirusTotal and analyzed it. After being released on our test machine, the Goose ransomware began encrypting files. However, unlike most malicious programs of this type, it did