Lightning Stealer is a piece of malware discovered by 3xp0rt. This stealer targets Steam, Telegram, Discord, and cryptocurrency wallet data, passwords, and cookies. It has its administration panel created to manage data logs. Lightning Stealer is sold for 300 rubles for a week, 500 rubles for a mo
We have discovered the reminderapp[.]store site while examining various shady websites that use rogue advertising networks. We found that it runs various scams that use scare tactics to trick visitors into downloading a certain application and displays other questionable content. Thus, remindera
Udla is ransomware that belongs to a ransomware family called Djvu. Our team has discovered the Udla ransomware variant while examining the samples submitted to VirusTotal. After analyzing it, we found that it encrypts files, appends the ".udla" extension to filenames, and creates the "_readme.txt
Gtys is ransomware that encrypts files and changes their extension to ".gtys". It is one of the variants belonging to the Djvu ransomware family. Our team has discovered it while checking malware samples submitted to VirusTotal. The ransom note ("_readme.txt" file) contains instructions on how to
Mpag is ransomware that encrypts files, modifies filenames by appending the ".mpag" extension to them, and creates a text file ("_readme.txt") containing a ransom note. Mpag is part of the Djvu ransomware family. We have discovered this variant while checking VirusTotal for recently submitted malw
Voom is the name of a Djvu ransomware variant that has been discovered by our team during the analysis of malware samples submitted to the VirusTotal page. This variant encrypts files and appends the ".voom" extension to filenames. It also generates the "_readme.txt" file containing contact and pa
Muse Miner is the name of a cryptocurrency miner. Our team has discovered it in a hacker forum. The cost of its weekly subscription is $25, the monthly subscription costs $80, and the lifetime subscription costs $500. Muse Miner mines Bitcoin (BTC), Ethereum (ETH), and Ethereum Classic (ETC) crypt
Mydefensivesoft[.]com is a deceptive website running the "McAfee - Your PC is infected with 5 viruses!" scam and asking for permission to show notifications. Our team has discovered it while analyzing other pages (illegal movie streaming, torrent, and similar pages) that use rogue advertising netw
Our team has discovered the SmartLauncher while examining shady websites that displayed deceptive content to trick visitors into downloading questionable applications. Once installed, SmartLauncher started to generate advertisements. Thus, we have concluded that SmartLauncher is a typical advert
ProcessorCactus is an untrustworthy application that is promoted using shady websites. After downloading and installing it, we learned that it operates as adware - it generates intrusive advertisements. It is not recommended not to have apps of this type installed on the operating system. Especi