Discovered by our research team while inspecting new malware submissions on VirusTotal, 1k3pl is a piece of malicious software categorized as ransomware. After being executed on our test system, 1k3pl began encrypting files and renaming them by appending the filenames with a random character stri
S-400 is the name of a Remote Access Trojan (RAT) that our research team found while inspecting new malware submissions to VirusTotal. Trojans of this type enable stealthy remote access and control over infected devices. RATs typically have a broad range of functionalities that allow them to perfo
Pushbus[.]com is a rogue website our researchers discovered while inspecting suspicious sites. This page promotes browser notification spam by using deception, and it can redirect visitors to other untrustworthy/malicious websites. Most visitors to such webpages enter them via others that use rogu
Forest Start Tabs is a browser hijacker designed to promote foreststarttabs.com - a fake search engine. It hijacks a web browser by changing its settings. Our malware researchers have discovered Forest Start Tabs while examining various deceptive websites and sites that use rogue advertising netwo
"Army of Ukraine need your support" is a scam email our researchers discovered and analyzed. This fake letter urges recipients to donate to the Ukrainian army in their efforts to protect their country's independence. With the onset of war in Ukraine, cyber criminals have taken to abusing these har
Haruna is ransomware that has been discovered by our team during the analysis of malware samples submitted to VirusTotal. We have found that Haruna encrypts files (it targets certain file formats), appends the ".Haruna" extension to filenames, and displays a ransom note in a pop-up window. An exa
SmartTransaction is an adware-type application that our research team discovered while reviewing new submissions to VirusTotal. We also learned that this app belongs to the AdLoad malware family. Adware may require certain conditions to run intrusive advertisement campaigns (i.e., displa
Our malware researchers have discovered SmartTask while checking the samples on VirusTotal. After examining SmartTask, it was found that this app displays various advertisements. Apps that operate this way are classified as adware. In most cases, adware is distributed using questionable methods.
Sdjm is malware belonging to a family of ransomware called Djvu. We have discovered this ransomware variant while checking VirusTotal for recently submitted malware samples. Sdjm encrypts files and appends the ".sdjm" extension to filenames (for example, it renames "1.jpg" to "1.jpg.sdjm", "2.exe"
Herebelf[.]xyz is a deceptive website designed to trick visitors into allowing it to show notifications. Also, it redirects visitors to other shady pages. Our team has discovered herebelf[.]xyz while testing various websites that use rogue advertising networks. Herebelf[.]xyz uses a clickb