ALBASA is ransomware that encrypts and renames files and generates a ransom note. We have discovered it while examining the malware samples submitted to VirusTotal. ALBASA appends the ".ALBASA" extension to filenames (for example, it renames "1.jpg" to "1.jpg.ALBASA", "2.jpg" to "2.jpg.ALBASA"). I
We have discovered searcheq.com while analyzing browser hijackers downloaded from shady websites. We have found at least two browser-hijacking apps that promote searcheq.com - Easy Search and EQSearch. After testing the searcheq.com site, we learned that it is a fake search engine. Our tea
We have discovered the utilityextensionnewtab[.]com page while visiting other shady sites (one of them is orderstartir[.]com). Typically, these pages get opened accidentally. The purpose of utilityextensionnewtab[.]com is to obtain permission to show notifications and promote an app called "Search
AdvancedDisplay is an untrustworthy application that functions as adware - it bombards users with annoying/unwanted advertisements. We have discovered this adware while examining deceptive websites. As a rule, such apps get downloaded and installed unknowingly. Our team has tested numero
NavigateIndex is an adware-type application that our research team discovered while inspecting new submissions to VirusTotal. After analyzing this piece of software, we determined that NavigateIndex belongs to the AdLoad malware family. After being installed onto our test system, Navigat
Our malware researchers have discovered the Ztcmq ransomware while analyzing the samples submitted to VirusTotal. After the examination of Ztcmq, we found that it encrypts files, modifies their filenames (by appending a string of random characters and the ".ztcmq" extension to their names), and cr
During a routine inspection of new malware submissions on VirusTotal, our researcher team found the Qd45h ransomware. Once launched onto our test system, this malicious program began encrypting files and appending their filenames with a random character string and the ".qd45h" extension. For exam
As its name implies, the Movie Reviews & Search | Movies Tab browser extension is endorsed as a tool for easy access to films, information about their reception, trailers, and other related content. After analyzing this piece of software, our researchers determined that it is a browser hijack
Orderstartir[.]com is a deceptive website designed to display a fake CAPTCHA to get permission to show notifications and redirect visitors to other shady websites. Our team has discovered this site while visiting illegal streaming pages, torrent sites, and other websites that use rogue advertising
After inspecting the "QUOTE YOUR BEST PRICE" email, our researchers determined that it is malspam. Scam emails designed to distribute malware are sent through mass-scale spam campaigns (malspam). The email in question is yet another example of the purchase/product scam model, whereby recipients a