One of the most commonly used ways to deliver malware is to send emails with malicious links or files (attachments) in them. Cybercriminals behind this particular email attempt to trick users into downloading and opening a malicious document designed to install RustyBuer. Typically, emails
Play-new-vids[.]com is a website designed to display deceptive content and open untrustworthy websites (it depends on the geolocation of its visitors). More examples of websites like play-new-vids[.]com are byluxrayor[.]com, deeepmedia[.]biz, and trking[.]xyz. As mentioned in the introduct
StreamSearching is a browser hijacker promoting the streamsearching.com fake search engine. This piece of software operates by making modifications to browser settings to cause redirects to streamsearching.com. Additionally, StreamSearching has data tracking abilities, which are used to spy on use
RustyBuer is the name of a new variant of the Buer loader. The main difference between the new and the original variants is that one is written in Rust multi-paradigm programming language, and another one is written in C programming language. Both RustyBuer and Buer function as loaders - they infe
Hive is a ransomware-type program. It operates by encrypting data and demanding ransoms for the decryption. In other words, this malware renders files inaccessible and demands payment for access recovery. During the encryption process, affected files are renamed following this pattern: original f
ThePDFConverterSearch is a potentially unwanted application (PUA), a browser hijacker designed to change a browser's settings to thepdfconvertersearch.com (to promote a fake search engine). It is worth mentioning that this application can read browsing history and possibly other browsing-related o
MacRunnerDaemon, or simply MacRunner, is a rogue piece of software belonging to the Pirrit adware family. It operates by running intrusive advertisement campaigns, i.e., delivering various ads. Additionally, adware usually has data tracking abilities, which are used to collect sensitive informat
There are many deceptive websites designed to look like official Microsoft (or other company's) pages and display fake virus and (or) error notifications with telephone numbers. Websites of this type are called technical support scams. Scammers behind these pages attempt to trick users into paying
Belonging to the Djvu ransomware family, Miis is a malicious program designed to encrypt data and demand ransoms for the decryption tools. In other words, victims cannot access the files affected by Miis ransomware, and they are asked to pay - to restore access to their data. During the encryptio
Leex ransomware variant belongs to the Djvu ransomware family. It encrypts files, appends its extension (".leex") to their filenames and creates the "_readme.txt" file as its ransom note. Leex renames encrypted files in this manner: it renames a file named "1.jpg" to "1.jpg.leex", "2.jpg" to "2.jp