We discovered AMC ransomware while inspecting ransomware samples submitted to VirusTotal. While analyzing the AMC ransomware sample, we saw that it encrypts files and appends a different extension (containing four random characters) to filenames. For example, AMC has renamed "1.jpg" file to "1.jp
When inspecting recently submitted ransomware samples to VirusTotal, we discovered and analyzed a new variant named 4ywda. This malicious program is designed to encrypt data (lock files) and demand payment for the decryption. During our analysis, it appended affected files with a random character
Security-defender[.]xyz is a website that our malware researchers have discovered while looking for pages designed to trick visitors into agreeing to receive deceptive notifications. It is an untrustworthy page asking for permission to deliver notifications and displaying deceptive content.
Our researchers have found yet another adware-type application called DigitalProgram. We have concluded that this piece of software operates as adware. It also belongs to the AdLoad malware family. We have researched many samples from said group, and while during our testing - we did not observ
PseudoManuscrypt is the name of the malware that spies on victims. It is similar to another malware called Manuscrypt. We have discovered PseudoManuscrypt while checking installers for pirated software (one of the examples is a fake pirated installer for SolarWinds - a network monitoring software)
KeyWright displays advertisements and promotes a fake search engine. It is advertising-supported software that has traits of a browser hijacker. Additionally, KeyWright can read sensitive information from websites. Usually, apps of this kind are promoted and distributed using questionable (often
GlobalProcesser is advertising-supported software, which means it generates advertisements. Also, this app hijacks a web browser (changes its settings) to promote a fake search engine. GlobalProcesser is distributed using a fake Adobe Flash Player installer. GlobalProcesser displays adve
Gloonseetaih[.]com is a site designed to deceive visitors into receiving its browser notifications and/or redirect them to other unreliable/malicious webpages. Additionally, this website may load dubious content. It is noteworthy that pages like gloonseetaih[.]com are usually entered via others th
GetSportSearch is a browser hijacker that promotes the getsportsearch.com fraudulent search engine. Additionally, browser hijackers are categorized as PUAs (Potentially Unwanted Applications). Browser hijackers reassign browsers' homepage, new tab/window, and default search engine URLs to
MMRAC is a piece of malicious software categorized as ransomware. It encrypts files (renders data inaccessible) and demands payment for the decryption. Compromised files are appended with a ".MRAC" extension. For example, a file initially titled "1.jpg" would look like "1.jpg.MRAC", "2.jpg" as "2