Gomorrah is an information-stealing malware. We obtained a sample from VirusTotal and subsequently analyzed this malicious program. We discovered that it primarily targets account credentials and credit card numbers. Gomorrah stealer begins its operations by gathering data about the follow
During a routine inspection of new malware submissions to VirusTotal, our research team found the Cat4er ransomware. When a sample was launched on our test machine, this malware encrypted files and appended them with the ".Cat4er" extension. For example, a filename like "1.jpg" appeared as "1.jpg
The chillsearch.xyz address (a fake search engine) became known to us after using a couple of fake Adobe Flash Player installers downloaded from deceptive websites. We have found that those installers hijacked a web browser - our browser opened chillsearch.xyz every time we entered a search quer
Bar1 New Tab is a browser hijacker. After analyzing this piece of software, our researchers determined that it modifies browser settings to promote the barone.live fake search engine. Additionally, Bar1 New Tab spies on users' browsing activity. After being installed onto our test machin
The kexvideo[.]ru is an untrustworthy website that our malware researchers have discovered while visiting pages that use questionable advertising networks. We have analyzed kexvideo[.]ru and found that it displays deceptive content to trick visitors into agreeing to receive notifications and redir
"FITS email virus" refers to a malware-proliferating spam campaign. These scam emails supposedly concern payment advice from FITS (Fire International Technical Services LLC). We must emphasize that this spam mail is not associated with any companies or other legitimate entities. After receiving a
We have discovered the PDFEditor application while checking the samples submitted to VirusTotal. Our team has tested PDFEditor and found that it has the qualities of adware - it is an advertising-supported application. Although, it is promoted as a PDF editor - a tool that allows users to edit PDF
We have discovered the Farattack ransomware while inspecting the samples that have been submitted to VirusTotal. During the analysis, we have found that Farattack has three main qualities: it encrypts files, appends the ".farattack" extension to filenames, and creates the "How_to_recovery.txt" tex
Qqqr is the name of ransomware belonging to a family of ransomware called Djvu. We have discovered this ransomware variant while examining the samples submitted to VirusTotal. After analyzing the Qqqr ransomware, we have found that it encrypts files, appends its extension (".qqqr") to filenames, a
Flv3mp3[.]com is an illegal audio (MP3) file downloading site that allows users to convert YouTube videos (via links) into said files. Our researchers found this website while inspecting shady pages. Like most sites that offer illegal/dubious services, flv3mp3[.]com uses rogue advertising networks