Ninja Browser is a web browser based on Chromium. During our inspection, we found that it promotes a questionable search engine. Thus, Ninja Browser can expose users to unreliable websites and various online threats. Users should avoid installing Ninja Browser and eliminate the app if it is alread
Bbuild is ransomware that we discovered while analysing samples submitted to VirusTotal. It belongs to the MedusaLocker family. Upon activation, Bbuild encrypts files and appends the ".bbuild" extension to them. Also, the ransomware provides a ransom note, "HOW_TO_RECOVER_DATA.html". Here is an e
During our examination of RdpLocker, we found that it is ransomware that encrypts files, appends the ".rdplocker" extension to files, changes the desktop wallpaper, and provides a ransom note ("Readme.txt"). We discovered RdpLocker during an analysis of malware samples submitted to VirusTotal. An
We have examined notialladusdom[.]top and discovered that it employs clickbait to receive permission to send notifications. Once permitted, notialladusdom[.]top can show misleading notifications to trick users into opening questionable and potentially malicious sites. Therefore, notialladusdom[.]t
Our analysis of clickads-hub[.]top has shown that it can display different deceptive messages to lure visitors into agreeing to receive its notifications. These notifications contain fake error alerts and similar messages and promote potentially malicious sites. Therefore, users should avoid grant
Our analysis of the Strave App revealed no apparent functionality, leaving its purpose uncertain. However, it is distributed via questionable methods and likely comes with unwanted apps (or other suspicious components). As a result, we have classified the Strave App as an unwanted application.
Kixtixcy is ransomware (belonging to the Dharma family), which we discovered during the inspection of samples submitted to VirusTotal. Our analysis has uncovered that Kixtixcy encrypts files, modifies filenames, and provides two ransom notes (creates a text file named "kix_info.txt" and displays a
During our examination of mefearcates[.]com, we discovered that it presents a misleading message to trick visitors into granting it permission to show notifications. We also found that notifications from mefearcates[.]com contain fake system warnings and other deceptive messages. Thus, mefearcates
Vulcan is ransomware, which we discovered while inspecting samples uploaded to VirusTotal. It encrypts and renames files and presents a ransom note. Vulcan replaces filenames with random strings and appends its extension (".vulcan"). For instance, it changes "1.jpg" to "7d9b9cc3ed944b141fc5151f9ff
Held is ransomware (from the Djvu family) that our team discovered during the examination of malware samples submitted to VirusTotal. We found that Held encrypts files and appends the ".held" extension to filenames. Also, it provides contact and payment information in the "_readme.txt" file. Here