Bozon is a piece of malicious software classified as ransomware, which our research team discovered while checking out new submissions to VirusTotal. Once a sample was executed on our test system, the ransomware began encrypting files and appending their filenames with a ".bozon" extension. For e
While inspecting dubious download pages, our research team discovered the Protected-Browsing browser extension. After analyzing this piece of software, we determined that it operates as a browser hijacker promoting the protected-browsing.xyz fraudulent search engine. With Protected-Browsin
Our researchers discovered infos-et-potins[.]com while inspecting dubious websites. This rogue page promotes spam browser notifications and redirects visitors to other (likely untrustworthy or malicious) websites. Most users enter infos-et-potins[.]com and similar webpages via redirects caused by
max dark is an application that is supposed to provide a dark mode for websites. We have discovered at least two deceptive websites promoting this app. After installing and testing max dark, we learned that it generates advertisements. Apps displaying unwanted ads are classified as adware.
Scroll to Top is described as an application allowing users to quickly get back to the top (or bottom) of the page. We have tested this app and learned that it is an advertising-supported browser extension - it generates advertisements. We also found that Scroll to Top is promoted using a deceptiv
Zoutubephaid[.]com is a rogue webpage designed to push browser notification spam and redirect visitors to different (likely unreliable/malicious) websites. Our researchers discovered this page while inspecting websites that use rogue advertising networks. Redirects caused by such sites are how mo
Our analysis of the "Due To Recent Upgrade Or Error" email uncovered that it is spam use for phishing purposes. This letter baits recipients into disclosing their email account log-in credentials by claiming that the password will expire soon. When users press either of the links in the email, the
SiMay is the name of malware designed to allow an attacker to remotely control/access an infected computer. This type of malware is called a Remote Administration Trojan (RAT). RATs are used to steal information or files, distribute malware, and for other purposes. We have discovered SiMay while e
Unlocker is a ransomware-type program. After being launched on our test machine, this ransomware encrypted files and appended their filenames with ".[unlocker@onionmail.org].[victim's_ID].lock", consisting of the attackers' email address, a unique ID assigned to the victim, and the ".lock" extensi
Bomber is ransomware variant that belongs to the Amnesia ransomware family. We have discovered Bomber ransomware while checking VirusTotal for recently submitted malware samples. This variant encrypts files and modifies filenames by replacing their names with a string of random characters and appe