Discovered by dnwls0719, Sekhmet is ransomware. This malicious program operates by encrypting data and demanding ransom payments for decryption. During the encryption process, all affected files are appended with an extension, consisting of random characters (e.g. ".HrUSsw", ".WNgh", ".NdWfEr", et
As its name suggests, WinOptimizer is software that supposedly analyzes and optimizes Windows computers. Like most programs of this type, it suggests that people can scan their computers for unnecessary files, registry entries and running services, invalid shortcuts, etc. In fact, this program is
Ramsay is malware capable of scanning computers, removable drives and network shares/drives, which are isolated from unsecured networks (such as public internet, unsecured local area networks), for files such as Microsoft Office documents, PDF documents and ZIP archives. In this way, it can steal
cooing[.]top is a deceptive website promoting a version of the "Latest version of Adobe Flash Player" scam. The scheme claims that the Adobe Flash Player installed on the system is outdated and requires updates. If fact, the updaters offered by cooing[.]top are fake. At the time of research, th
There are various spam campaigns that are used to trick people into installing malicious programs on their computers. Generally, cyber criminals send emails that are disguised as important, official messages from legitimate companies/organizations and contain malicious attachments and/or website l
"Your Mac needs to be updated to improve compatibility" is a message in a deceptive pop-up window, which appears after launching a fake Adobe Flash Player installer. It is designed to trick users into thinking that by entering the password and clicking the "OK" button they will update the operat
Discovered by Blueteam 4 Life, EpicSplit is a malicious program classified as a Remote Access Trojan (RAT). Malware of this type allows remote access and control over an infected device. RATs can enable user-level control (or close to user-level control) of a machine. These programs have a wide v
Valak is malicious software that downloads JScript files and executes them. What happens next depends on the actions performed by the executed JScript files. It is very likely that cyber criminals behind Valak attempt to use this malware to cause chain infections (i.e., using Valak to distribute o
ProgressExpert is an adware-type app that has browser hijacker characteristics. It operates by running intrusive advertisement campaigns, making modifications to browser settings and promoting a fake search engine. ProgressExpert promotes Safe Finder through akamaihd.net. Additionally, most adw
Cov19 is a malicious program belonging to the Scarab ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. During the encryption process, all affected files are renamed according to this pattern: random character string an