During a routine inspection of new malware submissions on VirusTotal, our researcher team found the Qd45h ransomware. Once launched onto our test system, this malicious program began encrypting files and appending their filenames with a random character string and the ".qd45h" extension. For exam
As its name implies, the Movie Reviews & Search | Movies Tab browser extension is endorsed as a tool for easy access to films, information about their reception, trailers, and other related content. After analyzing this piece of software, our researchers determined that it is a browser hijack
Orderstartir[.]com is a deceptive website designed to display a fake CAPTCHA to get permission to show notifications and redirect visitors to other shady websites. Our team has discovered this site while visiting illegal streaming pages, torrent sites, and other websites that use rogue advertising
After inspecting the "QUOTE YOUR BEST PRICE" email, our researchers determined that it is malspam. Scam emails designed to distribute malware are sent through mass-scale spam campaigns (malspam). The email in question is yet another example of the purchase/product scam model, whereby recipients a
K7bzc is ransomware that our team has discovered while checking VirusTotal for recently submitted malware samples. After analyzing K7bzc, we found that it encrypts files and appends a string of random characters and the ".k7bzc" extension to filenames. It also creates the "28EF_HOW_TO_DECRYPT.txt"
MicroLocator is an application our research team discovered while inspecting new submissions to VirusTotal. Having analyzed it, we determined that it is an adware-type app belonging to the AdLoad malware family. Adware can require certain specifications to run intrusive advertisement cam
Eucy is ransomware that our malware researchers have discovered while analyzing the samples submitted to VirusTotal. After testing Eucy, we have found that it encrypts files, appends the ".eucy" extension to filenames, and generates a ransom note (the "_readme.txt" file). For example, it renames "
"Removal From Server Has Been Approved And Initiated" is a spam email received and subsequently analyzed by our researchers. We have determined that it is a phishing scam targeting recipients' email account log-in credentials. The spam email is presented as an urgent warning from the recip
AccessibleSection is an untrustworthy application that our malware researchers have discovered while examining deceptive websites. Once installed, this application starts generating unwanted advertisements. AccessibleSection is typical adware. We have tested plenty of adware-type apps (v
We have discovered the To find result application on a shady website encouraging us to add an unspecified browser extension. After adding To find result to a browser, we have noticed that it changed its settings - it hijacked a browser to promote togosearching.com (a fake search engine). O