Snick is ransomware that belongs to Makop family. Our team has discovered it while examining the malware samples submitted to VirusTotal. We found that Snick encrypts files and modifies their filenames, and creates the "readme-warning.txt" text file containing a ransom note. Snick ransomware rena
KernelReproduce is the name of an application that our team has discovered while studying the samples submitted to VirusTotal. After testing the app, we have found that KernelReproduce operates as adware - it generates advertisements. Usually, apps like KernelReproduce are distributed using ques
Bloom is a piece of advertising-supported software (adware), which our research team discovered while inspecting shady download pages. We have also noted that this application is practically identical to Tone adware. Once installed onto our test machine, Bloom began displaying advertisemen
XRED is ransomware that encrypts files (makes them unusable), creates the "read_it.txt" file, changes the desktop wallpaper, and appends four random characters to filenames. Our malware researchers have discovered this ransomware while examining the samples submitted to VirusTotal. An example of
Plus Darker is a browser extension advertised as a tool capable of enabling dark mode for simple websites. We have determined that this piece of software operates as a browser hijacker. Plus Darker changes browser settings to promote the getsins.com fake search engine, and it spies on users' brows
DIKE is ransomware that cybercriminals use to blackmail victims. It encrypts files and generates "info.hta" and "info.txt" files that contain ransom notes. We have discovered DIKE while checking VirusTotal for submitted malware samples. It was found that DIKE is part of the Phobos ransomware famil
Discovered by our researchers while inspecting untrustworthy websites, allowww[.]com is a rogue webpage. It operates by promoting browser notification spam and redirecting visitors to unreliable/malicious sites. Most users enter allowww[.]com and similar websites inadvertently. Users can access t
Next-message[.]com is an untrustworthy website designed to trick visitors into allowing it to show notifications. It uses a clickbait technique/displays deceptive content to get that permission. Our team has discovered next-message[.]com while inspecting pages that use rogue advertising networks.
Our team has analyzed this email and found that it is disguised as a letter from the email service provider. It contains a hyperlink that opens a phishing website asking to provide login credentials. The purpose of this phishing email is to trick recipients into providing their email account passw
Yoursecuresoft[.]com is a rogue website that promotes deceptive material, pushes browser notification spam, and redirects visitors to other unreliable/malicious sites. Our research team found this page while inspecting shady websites. Most users access yoursecuresoft[.]com and similar webpages vi