"COVID-19 test" is yet another Coronavirus/COVID-19-themed spam email campaign. There are several variants of these deceptive emails, however, the common thread is that they all offer free coronavirus testing to recipients. The messages claim that the attached files are forms/applications, howeve
Solider was discovered by Amigo-A. This ransomware encrypts files, renames them by appending an extension, and generates ransom messages. Solider appends the ".xsmb" extension to a name of each encrypted file. For example, it renames a file named "1.jpg" to "1.jpg.xsmb", "2.jpg" to "2.jpg.xsmb", a
SearchHD is software categorized as a browser hijacker that modifies browser settings to promote search-hd.com (a fake search engine). Furthermore, it monitors users' browsing activity. Since most users download/install SearchHD unintentionally, it is also classified as a Potentially Unwanted Appl
"BBVA" is a deceptive email designed to proliferate the Agent Tesla RAT (Remote Access Trojan). The text presented in these messages is in Spanish, and hence the intended targets are Spanish-speaking users. The email claims to contain information concerning due invoice payments. Instead, the atta
Yts[.]mx is one of many torrent websites. It is not safe to use these websites to download software, files or other content, since they are often used by cyber criminals to proliferate malicious programs. Furthermore, it is illegal to download copyrighted content via torrent web pages. Research s
Discovered by dnwls0719, Sekhmet is ransomware. This malicious program operates by encrypting data and demanding ransom payments for decryption. During the encryption process, all affected files are appended with an extension, consisting of random characters (e.g. ".HrUSsw", ".WNgh", ".NdWfEr", et
As its name suggests, WinOptimizer is software that supposedly analyzes and optimizes Windows computers. Like most programs of this type, it suggests that people can scan their computers for unnecessary files, registry entries and running services, invalid shortcuts, etc. In fact, this program is
Ramsay is malware capable of scanning computers, removable drives and network shares/drives, which are isolated from unsecured networks (such as public internet, unsecured local area networks), for files such as Microsoft Office documents, PDF documents and ZIP archives. In this way, it can steal
cooing[.]top is a deceptive website promoting a version of the "Latest version of Adobe Flash Player" scam. The scheme claims that the Adobe Flash Player installed on the system is outdated and requires updates. If fact, the updaters offered by cooing[.]top are fake. At the time of research, th
There are various spam campaigns that are used to trick people into installing malicious programs on their computers. Generally, cyber criminals send emails that are disguised as important, official messages from legitimate companies/organizations and contain malicious attachments and/or website l