During our examination of RdpLocker, we found that it is ransomware that encrypts files, appends the ".rdplocker" extension to files, changes the desktop wallpaper, and provides a ransom note ("Readme.txt"). We discovered RdpLocker during an analysis of malware samples submitted to VirusTotal. An
We have examined notialladusdom[.]top and discovered that it employs clickbait to receive permission to send notifications. Once permitted, notialladusdom[.]top can show misleading notifications to trick users into opening questionable and potentially malicious sites. Therefore, notialladusdom[.]t
Our analysis of clickads-hub[.]top has shown that it can display different deceptive messages to lure visitors into agreeing to receive its notifications. These notifications contain fake error alerts and similar messages and promote potentially malicious sites. Therefore, users should avoid grant
Our analysis of the Strave App revealed no apparent functionality, leaving its purpose uncertain. However, it is distributed via questionable methods and likely comes with unwanted apps (or other suspicious components). As a result, we have classified the Strave App as an unwanted application.
Kixtixcy is ransomware (belonging to the Dharma family), which we discovered during the inspection of samples submitted to VirusTotal. Our analysis has uncovered that Kixtixcy encrypts files, modifies filenames, and provides two ransom notes (creates a text file named "kix_info.txt" and displays a
During our examination of mefearcates[.]com, we discovered that it presents a misleading message to trick visitors into granting it permission to show notifications. We also found that notifications from mefearcates[.]com contain fake system warnings and other deceptive messages. Thus, mefearcates
Vulcan is ransomware, which we discovered while inspecting samples uploaded to VirusTotal. It encrypts and renames files and presents a ransom note. Vulcan replaces filenames with random strings and appends its extension (".vulcan"). For instance, it changes "1.jpg" to "7d9b9cc3ed944b141fc5151f9ff
Held is ransomware (from the Djvu family) that our team discovered during the examination of malware samples submitted to VirusTotal. We found that Held encrypts files and appends the ".held" extension to filenames. Also, it provides contact and payment information in the "_readme.txt" file. Here
During our inspection, we found that fyallusad[.]top uses clickbait to receive permission to show notifications. We also discovered that fyallusad[.]top can send deceptive notifications and expose users to online scams and other threats. Thus, it is highly advisable not to grant fyallusad[.]top pe
AlienWare is a ransomware based on Chaos. Note that the American computer hardware subsidiary brand of Dell, Alienware, has nothing to do with the ransomware. We discovered AlienWare while inspecting malware samples submitted to VirusTotal. Upon infiltration, AlienWare encrypts files, drops a rans