Qmam4 is a piece of malicious software categorized as ransomware. Our research team found this malware during a routine inspection of new submissions on VirusTotal. While analyzing a sample of Qmam4, we learned that it renames the encrypted files by appending their filenames with a random charact
Webpushworld[.]com is a deceptive page designed to trick visitors into agreeing to receive its notifications. We have discovered it while visiting other shady websites and examining ads displayed on them. Webpushworld[.]com is promoted mainly through websites that use rogue advertising networks.
Our malware researchers have discovered T800 ransomware while checking malware samples submitted to VirusTotal. After analyzing the sample, we concluded that T800 encrypts files and keeps them inaccessible until a ransom is paid. Also, it renames files (appends the ".t800" extension to filenames)
While analyzing untrustworthy websites, our researchers discovered the myjollyrudder[.]com page. It is designed to load deceptive content, push browser notification spam, and redirect visitors to other unreliable/harmful sites. Most users access webpages like myjollyrudder[.]com via redirects caus
We have discovered the verifyisreal[.]com site while visiting illegal movie streaming, torrent, and similar sites. We found that it redirects visitors to other websites and uses a clickbait technique to trick visitors into allowing it to display notifications. Verifyisreal[.]com shows a fa
Remarksearch.com is the address (URL) of an illegitimate search engine, which our researchers discovered while analyzing browser-hijacking software. Search engines of this type usually generate revenue by collecting information about their users. They are promoted by browser hijackers, which mod
NetMacro is a rogue app that our researchers discovered while looking through new submissions to VirusTotal. After analyzing NetMacro, we determined that it is a piece of advertising-supported software (adware) that belongs to the AdLoad malware family. Adware may require certain factors
ALBASA is ransomware that encrypts and renames files and generates a ransom note. We have discovered it while examining the malware samples submitted to VirusTotal. ALBASA appends the ".ALBASA" extension to filenames (for example, it renames "1.jpg" to "1.jpg.ALBASA", "2.jpg" to "2.jpg.ALBASA"). I
We have discovered searcheq.com while analyzing browser hijackers downloaded from shady websites. We have found at least two browser-hijacking apps that promote searcheq.com - Easy Search and EQSearch. After testing the searcheq.com site, we learned that it is a fake search engine. Our tea
We have discovered the utilityextensionnewtab[.]com page while visiting other shady sites (one of them is orderstartir[.]com). Typically, these pages get opened accidentally. The purpose of utilityextensionnewtab[.]com is to obtain permission to show notifications and promote an app called "Search