This malware is a ransomware-type program designed to encrypt files and demand payment for the decryption. Its developers have utilized the name and graphics of Combo Cleaner and PCrisk.com in an attempt to damage our reputation and create a misleading association in users' minds between the malwa
PipeMagic is a piece of malicious software classed as a backdoor. Programs of this kind seek to open a "backdoor" into systems for further infections, and some can even carry them out (i.e., download/install additional malicious content). PipeMagic has been around since at least 2022. Originally
After inspecting this "Standard Bank - VAT Increase" email, we determined that it is fake. This phishing message alerts the recipients of changes to the VAT rates in the Republic of South Africa. The purpose of this email is to deceive recipients into disclosing their online bank account log-in cr
Steadychainconnection.co[.]in is a rogue page discovered by our research team during a routine investigation of dubious websites. This webpage promotes spam browser notifications and redirects users to other (likely unreliable/hazardous) sites. The majority of visitors to steadychainconnection.co
During a routine investigative session of dubious websites, our researchers discovered the coperdayed[.]com rogue page. It operates by promoting browser notification spam and redirecting users to different (likely unreliable/malicious) sites. Most visitors to coperdayed[.]com and similar webpages
XIAOBA 2.0 is a ransomware-type program. It is designed to encrypt victims' files in order to demand ransoms for the decryption. XIAOBA 2.0 renames the affected files according to this pattern – "[xiaoba_666@163.com]Encrypted_[random_string].XIAOBA". On our test machine, this ransomware encrypted
Our researchers discovered conatesints[.]com during a routine investigation of suspicious websites. This rogue page endorses browser notification spam and redirects users to other (likely dubious/dangerous) sites. Most visitors to conatesints[.]com and similar webpages access them through redirect
RustySpy is a malicious program classified as a stealer. As the classification implies, this malware's purpose is to steal vulnerable data from infected systems and the applications installed on them. RustySpy is a stealer-type malware. Programs of this kind tend to begin their malicious o
HellCat is ransomware that encrypts victims' files and appends the ".HC" extension to them. Also, it changes the desktop wallpaper and drops a ransom note ("_README_HELLCAT_.txt"). An example of how HellCat renames files: it changes "1.jpg" to "1.jpg.HC", "2.png" to "2.png.HC", "3.exe" to "3.exe.H
Chydroogible[.]com is a rogue page discovered by our researchers during a routine inspection of untrustworthy websites. After examining this webpage, we learned that it promotes browser notification spam and produces redirects to other (likely unreliable/hazardous) sites. Most users access chydroo