We have discovered the To find result application on a shady website encouraging us to add an unspecified browser extension. After adding To find result to a browser, we have noticed that it changed its settings - it hijacked a browser to promote togosearching.com (a fake search engine). O
Johnquickhelper is a piece of malicious software categorized as ransomware, which our research team discovered while inspecting new submissions to VirusTotal. After analyzing Johnquickhelper, we determined that it encrypts files and renames them by appending an extension consisting of four random
We have discovered Ckae ransomware while checking samples submitted to VirusTotal. After analyzing the malware, we learned that it encrypts files, changes file extensions (by appending the ".ckae" extension), and generates a text file ("_readme.txt") containing a ransom note. We also found that C
We have discovered the Movieztab Default Search browser extension while examining questionable websites. After adding this app, we have noticed that it changed some of the settings to movieztab.com - a fake search engine. This led us to the conclusion that Movieztab Default Search is a browser hij
Film Links Now | Digital Content Online is a browser extension endorsed as a tool for easy access to movies and film-related content. After analyzing it, our researchers determined that this extension is a browser hijacker promoting the filmlinksnow.com fake search engine. After being inst
During a routine inspection of rogue websites, our research team discovered gr4phic-4rt[.]xyz - a page designed to host deceptive content, push browser notification spam, and redirect visitors to other untrustworthy/malicious sites. Most users enter webpages of this kind via redirects caused by si
Our malware researchers have discovered the Cantopen ransomware while checking the samples submitted to VirusTotal. After analyzing this ransomware, we have learned that it appends the ".cantopen" extension to filenames of all encrypted files and creates the "HELP_DECRYPT_YOUR_FILES.txt" text file
News-heceye[.]cc is a rogue website our researchers discovered while inspecting untrustworthy pages. This webpage is designed to load questionable material, promote browser notification spam, and redirect visitors to other unreliable/malicious sites. Most visitors to news-heceye[.]cc and similar
We have discovered the system-dating[.]top site after receiving a shady email. Our team has examined system-dating[.]top and found that it is designed to trick visitors into agreeing to receive notifications. Additionally, it can open adult pages and other potentially malicious sites. Syst
Discovered during a routine inspection of VirusTotal submissions, Tor is a ransomware-type program. Our researchers have determined that it belongs to the Paradise malware family. Once launched on our test system, Tor began encrypting files and appending their filenames with a "_decryptor_{victim