mol[.]biz websites (similar variations include mol1[.]biz, mol2[.]biz, mol3[.]biz, etc.) are designed to promote (open) untrusted web pages or display dubious content. There are many websites of this type, including, for example, hipermovies[.]icu, gdanstum[.]net and vviewpoint[.]biz. Note that m
"Xerox Scanned Document Email Scam" refers to a phishing spam email campaign. The term "spam campaign" is used to describe a mass-scale operation, during which thousands of deceptive emails are sent. The messages distributed through this spam campaign claim that recipients have received a scanned
Babax (also known as Osno) is an information stealer targeting login credentials (usernames, emails, passwords) saved on web browsers. Cyber criminals use this malware to steal sensitive information, which could be misused to generate revenue. Research shows that Babax infects computers through ot
HoudRat is malware written in AutoIt and is classified as a worm and a Remote Access Trojan (RAT). It spreads through removable media (such as USB drives) and can be used by cyber criminals to execute various commands, log keystrokes, take screenshots, steal passwords, download files, and perform
BitRAT is a malicious program, classified as a Remote Access Trojan (RAT). Malware of this type enables remote access and control over an infected machine. RATs have a wide variety of dangerous functionality. While BitRAT is by far not the most sophisticated piece of malicious software available,
Discovered by GrujaRS, Morseop ransomware is designed to encrypt files, modify their filenames and create a ransom message. It renames files by appending ".morseop-[random_string]" to their filenames. For example, it would rename a file called "1.jpg" to "1.jpg.morseop-7j9wrqr", "2.jpg" to "2.jpg
hipermovies[.]icu is an untrusted site designed to present visitors with dubious content and/or redirect them to other bogus and possibly malicious web pages. This website shares similarities with gdanstum.net, vviewpoint.biz, pushwinning.com, admnsrv.com and many others. Few visitors to these we
Like most adware-type applications, OptimalSync is designed to generate revenue for the developers by serving advertisements. It might also be designed to operate as a browser hijacker and promote dubious addresses (e.g., those of fake search engines) by changing certain browser settings. Note
CommonOptimization is a rogue application classified as adware, which also has browser hijacker traits. It operates by running intrusive advertisement campaigns, making modifications to browser settings to promote fake search engines. On Safari browsers, this app promotes 0yrvtrh.com and on Goog
Wannacry (not to be confused with WannaCry) belongs to the Xorist ransomware family and is identical to Jigsaaw ransomware. It encrypts files, renames them and issues victims with three ransom messages. Wannacry renames files by appending the ".wannacry" extension. For example, it renames "1.jpg"