Qnty is a piece of malicious software classified as ransomware; it is designed to encrypt data and demand payment for the decryption. After obtaining a sample from VirusTotal, our researchers determined that Qnty belongs to the Djvu ransomware family. On our test machine, this malicious program e
Our malware researchers have discovered the Kl ransomware on VirusTotal (while checking for recently submitted malware samples). They have learned that Kl is part of the Dharma ransomware family. It encrypts files and appends the victim's ID, filekiller@onionmail.org email address, and the ".kl" e
See-what-is-buzzing[.]com is a rogue website designed to load dubious content, promote browser notification spam, and redirect visitors to other untrustworthy/harmful pages. Our research team discovered it while inspecting websites that use rogue advertising networks; redirects caused by such web
Godox is a ransomware-type program that our research team discovered while inspecting new submissions to VirusTotal. Additionally, we have determined that this piece of malicious software belongs to the VoidCrypt ransomware family. After this ransomware was released onto our test system, it encry
Our researchers determined that "Notification Of DHL Shipment" is a spam email. It is not associated with DHL - the logistics and delivery company; cyber criminals merely use the name to trick recipients into falling for the phishing scam. This fake notification targets email account log-in creden
During a routine inspection of new submissions to VirusTotal, our research team found another malicious program belonging to the Djvu ransomware family. It is called Ccps, and it is designed to encrypt data and demand payment for the decryption. On our test machine, this ransomware encrypted file
We have found out about the pushnott[.]com website after visiting sites (illegal movie streaming, torrent sites) that use shady advertising networks. Our team has analyzed pushnott[.]com and learned that it attempts to get permission to show notifications and redirects to similar pages. Pu
TikTok Finder is a browser extension promising easy access to and search options on TikTok - the video-focused social media platform. Our researchers found this piece of software while inspecting dubious sites promoted by browser notification spam. After analyzing TikTok Finder, we determined it t
We have discovered disturbmachine[.]xyz while examining websites that use rogue advertising networks (such as torrent sites, illegal movie streaming pages). After analyzing disturbmachine[.]xyz, we have concluded that it displays deceptive content to promote legitimate software and asks for permis
Discovered by our researchers while inspecting sites that use rogue advertising networks, Film Links Now | Default Search is a rogue browser extension. We determined that this piece of software is a browser hijacker. It modifies browser settings and promotes the filmlinksnow.com fake search engine