This malware was discovered by Petrovic. It was found that Bpqd operates as ransomware - it encrypts files. Also, it appends the ".bpqd" extension to filenames (for example, renames "1.jpg" to "1.jpg.bpqd", "2.png" to "2.png.bpqd"), and creates a ransom note ("_readme.txt" file). Bpqd is part of t
Financesurvey[.]site is a deceptive website that displays a fake survey, asks for permission to show notifications, and promotes other websites. Our team has discovered this site while examining illegal movie streaming, torrent, and similar pages. It was concluded that this page cannot be trusted.
Our team has discovered a ransomware variant called Report while inspecting the malware samples submitted to VirusTotal. It was found that Report is of the ransomware variants that belong to the Xorist family. Once executed, it encrypts files and appends the ".report" extension to filenames. Repo
Our team has discovered the SmartProducts application while analyzing the samples submitted to VirusTotal. After examining the app, it was found that it generates advertisements - SmartProducts is an advertising-supported application. A big part of apps like SmartProducts is promoted and (or) di
We have discovered this pop-up scam while testing various websites that use rogue advertising networks (display shady ads and redirect visitors to untrustworthy pages). We concluded that the purpose of this pop-up scam is to trick visitors into believing that their computers are infected with malw
After examining the email, we have concluded that it is one of those scams used to scare recipients into transferring money to scammers. Scammers behind it attempt to trick recipients into believing that their computers are infected. They urge recipients to transfer a specified amount of Bitcoin t
After examining this email, our team has found that scammers behind it are pretending to raise money for Ukraine - they are taking advantage of the crisis to trick recipients into sending them money. This is not the first time scammers are exploiting the situation. Recently, lots of scammers were
Babesroulette[.]com is a rogue webpage designed to promote questionable content, push browser notification spam, and redirect visitors to other (likely untrustworthy/harmful) sites. Our research team discovered this page during a routine inspection of shady websites. Visitors to babesroulette[.]c
Discovered by our researchers while inspecting shady websites, emicalcove[.]xyz is a rogue page designed to push browser notification spam and redirect visitors to untrustworthy/malicious sites. Most users enter emicalcove[.]xyz and similar webpages via others that use rogue advertising networks.
Anime is the name of a ransomware-type program our research team discovered while checking out new submissions to VirusTotal. After launching a sample onto our test system, we learned that this ransomware appends the filenames of encrypted files with a ".anime" extension. For example, a file init