Our discovery of Contacto occurred while inspecting malware samples submitted to VirusTotal. During examination, we found that Contacto is ransomware designed to encrypt and rename files, create a ransom note ("Contacto_Help.txt"), and change the desktop wallpaper. Contacto appends the ".Contacto"
We have inspected search-great.com and discovered that it is a fake search engine promoted by unwanted extensions that function as browser hijackers. One of the browser hijackers promoting search-great.com is My Horoscope Pro. Users should not trust search-great.com or the extensions promoting it.
We have inspected the email and concluded that it is a phishing email disguised as a notification regarding a successfully adjusted chargeback. It includes a link to a deceptive web page where recipients are instructed to enter personal information. Such emails should be ignored to avoid potential
During our analysis of Weisx App, we found that it has unclear functionality and no apparent purpose. Moreover, the app is distributed using questionable tactics and likely bundled with unwanted software. For these reasons, we consider Weisx App to be an unwanted application. Users should avoid in
Our examination of octagonfind.com has revealed that it is a fake search engine promoted through a dubious extension (Octagon Find) that functions as a browser hijacker. Fake search engines can expose users to a variety of online threats. Therefore, users should never use them and eliminate extens
Our team has inspected the email and determined that it is a fraudulent email disguised as a business message. It is designed to lure recipients into opening a fake website and disclosing personal information. Such scams are known as phishing attacks. Users should recognize these scams and avoid e
SwaetRAT is a Remote Access Trojan (RAT) developed as a 32-bit application using the .NET framework. This type of malware allows attackers to gain unauthorized control over a victim’s system, enabling them to monitor activities, steal sensitive information, and execute other malicious actions remo
Nitrogen is ransomware designed to encrypt files on the infected device. Cybercriminals were observed targeting the construction, financial services, manufacturing, and technology sectors. Upon file encryption, the targeted files have the ".NBA" extension, and a ransom note ("readme.txt") is creat
During our testing of AnalyzerFormat, we observed that it generates intrusive advertisements, a behavior commonly linked to adware. Ads displayed by adware can take users to unreliable pages and expose them to other online threats. Therefore, users should avoid installing AnalyzerFormat and elim
We have inspected yourwebarmorsolutions[.]com and discovered that this is a deceptive web page designed to present fake virus warnings. Also, it requests permission to show notifications. Users should not trust yourwebarmorsolutions[.]com to avoid scams, unwanted downloads, or other issues.