Our researchers found the BAFAIAI ransomware while inspecting new file submissions to the VirusTotal site. This malicious program is part of the MedusaLocker ransomware family. BAFAIAI encrypts files and creates a ransom note. It adds a ".BAFAIAI" extension to their filenames. For example, a file
Eternidade is a malicious program written in the Delphi programming language. It is a stealer and banking trojan capable of extracting sensitive data from infected devices. Eternidade has been used to target users in Brazil. This malware can self-spread through WhatsApp spam. Eternidade is
Our review of thicationize.co[.]in shows that the site is created to trick users into enabling its notifications. If someone allows them, the site can push misleading content (e.g., fake warnings) directly to their device. Because of this, thicationize.co[.]in and similar pages should be avoided,
Our research team discovered hypstichly.co[.]in while investigating suspicious websites. After inspecting this rogue webpage, we learned that it promotes browser notification spam and generates redirects to other (likely dubious/dangerous) sites. Hypstichly.co[.]in and analogous pages are primaril
Boonaphably[.]com is a rogue page discovered by our research team during a routine inspection of untrustworthy websites. Upon examining this webpage, we learned that it promotes browser notification spam and redirects visitors to other (likely dubious/harmful) sites. Most users access pages like b
Sturnus is an Android malware (a banking Trojan) that can control a device. It is capable of reading chat messages, stealing banking details by showing fake login pages, and more. Attackers can remotely perform malicious actions in the background while keeping the screen hidden from the victim.
Our inspection of proadrast[.]com has revealed that the site uses deception to get permission to show notifications. If visitors allow the site to send notifications, they can be exposed to malicious content. Thus, proadrast[.]com and similar web pages should not be trusted or allowed to display n
Upon inspecting meshchainsolutions[.]com, we concluded that it is designed to deceive visitors into permitting it to show notifications. If allowed, meshchainsolutions[.]com can send fake alerts to promote other potentially malicious pages. Users should avoid visiting meshchainsolutions[.]com and
We have examined F*ckFBI (malware that our team encountered while inspecting samples uploaded to VirusTotal) and discovered that it is ransomware that encrypts files and provides a ransom note containing payment and contact information. Also, the ransomware renames files by appending its extension
Our analysis shows that trustedspotsearch.com is a fake search engine. It does not generate search results and is promoted through an unwanted extension, a browser hijacker called Trusted Spot. It is advisable not to use fake search engines and browser hijackers to avoid privacy and security risks