We have discovered the blinkweb[.]net page while inspecting websites using questionable advertising networks (mainly illegal streaming, adult dating, torrent, and similar sites). We have examined blinkweb[.]net and learned that it uses a clickbait technique to trick visitors into allowing it to sh
We have discovered the Blender ransomware while checking the malware samples submitted to VirusTotal. We found that it is part of the VoidCrypt ransomware family. After testing the ransomware, we learned that it encrypts files, modifies their filenames, and provides ransom notes in a pop-up window
While inspecting websites that use rogue advertising networks, we discovered the click-and-continue[.]live website. It is designed to push its spam browser notifications, load questionable content, and redirect visitors to other untrustworthy/hazardous webpages. Most visitors to click-and-continu
Our researchers detected VSOP ransomware during a routine inspection of new malware submission on VirusTotal. While analyzing a sample, we learned that this ransomware encrypts files and appends their names with a ".PPLIT" extension. To elaborate, a file initially titled "1.jpg" appeared as "1.jpg
YouTube Ad Remover is a rogue browser extension, which we have researched. On its "official" site, this extension is promoted as a tool capable of blocking advertisements on YouTube videos. However, we found that when installed on Google Chrome, YouTube Ad Remover promises only to auto-skip said a
We have examined the next-notification[.]com page and concluded that the main purpose of this page is to trick visitors into allowing it to show notifications. Our team has discovered next-notification[.]com while browsing illegal streaming, torrent sites, and similar pages that use questionable a
Newexploit is the name of a ransomware-type program, which our researchers have sampled from VirusTotal. Once launched on our test machine, Newexploit encrypted files and appended their filenames with a ".exploit" extension. For example, a file initially named "1.jpg" afterwards looked like "1.jpg
We have spotted the Digital Info extension on a shady website offering to update an installed extension. After adding this app to the Chrome browser and testing it, we have learned that it generates advertisements. Therefore, we have categorized this app as advertising-supported software.
After analyzing this email, we have discovered that it is a phishing email (it contains a link to a phishing website). Scammers behind it attempt to trick recipients into providing personal information such as email addresses and passwords required to access Microsoft and possibly other accounts.
While investigating rogue websites, our researchers discovered that theironnews[.]site is an untrustworthy page designed to promote spam browser notifications. It can also redirect visitors to other unreliable and dangerous sites. Most users access webpages like theironnews[.]site via others using