Our inspection of the "SECRETO PROFESIONAL Y CONFIDENCIAL" email revealed that it is spam used to proliferate malware. This letter is in Spanish and claims to contain highly confidential information in the attachment (although it does not specify further). This email is designed to trick recipien
Hachiman is screen-locking ransomware that locks the screen (operates as a screen locker) and displays a ransom note explaining how to unlock the screen. Hachiman was discovered by Karsten Hahn. It is worth mentioning that Hachiman does not encrypt any files. Screenshot of the ransom note disp
ProcessorProgression is an application that our research team found while looking through new submissions on VirusTotal. Following our inspection of this app, we determined that it operates as advertising-supported software (adware) and belongs to the AdLoad malware family. Adware is des
TheADSBlockSearch is a browser hijacker that promotes theadsblocksearch.com - a fake search engine. This application hijacks a web browser by changing its certain settings. Typically, apps of this type are promoted (and distributed) using shady methods. Thus, users download and install them inadve
Placebonusextra[.]com is a rogue webpage that our researchers discovered while inspecting questionable sites. This page is designed to promote deceptive material, push browser notification spam, and redirect visitors to other (likely untrustworthy/malicious) websites. Most users enter webpages li
After analyzing the HDPDFConverterSearch browser extension, we determined that it operates as a browser hijacker. This piece of software modifies browser settings to promote the hdpdfconvertersearch.com fake search engine. Following successful installation onto our test machine, HDPDFConve
Discovered during a routine inspection of new malware submissions to VirusTotal, Gzgzqc is a ransomware-type program. It is designed to encrypt data and demand ransoms for the decryption. We determined that Gzgzqc belongs to the Snatch ransomware family. After being launched onto our test system,
Prynt is a stealer-type malicious program, which our research team found while inspecting malware selling hotspots. This piece of malicious software is designed to obtain a wide variety of sensitive information from infected systems. Prynt Stealer has multiple functionalities that allow it to exfi
Eagle Monitor is the name of a remote access Trojan (RAT) written in C# and Visual Basic programming languages. It allows the attackers to remotely control infected computers. Typically, RATs are used to steal sensitive information, inject additional malware, spy on victims, etc. We have discovere
We have examined the yt-convert[.]com website and found that it uses rogue advertising networks. It redirects visitors to questionable websites. This page is presented as a site allowing visitors to download videos from YouTube in MP3 and MP4 formats. It is worth knowing that it is not entirely le