Our team discovered CCLand during an analysis of samples uploaded to VirusTotal. Upon inspecting the malware, we concluded that it is ransomware that encrypts files. In addition to encrypting data, CCLand appends the ".ccl" extension to filenames and drops a ransom note, "RECOVER_README.txt". An
We have found that ouseperwaganis[.]com is designed to mislead users into consenting to get its notifications. If allowed, it can send deceptive messages, such as fake alerts, to promote shady websites. Because of this, the site (and others like it) should be avoided, and any notification requests
Ptifirelaria[.]com is a rogue webpage discovered by our researchers during a routine investigation. After inspecting this page, we learned that it endorses spam browser notifications and redirects users to other (likely dubious/harmful) sites. Most visitors to ptifirelaria[.]com and similar webpag
While browsing untrustworthy sites, our research team discovered the advoiderce[.]com rogue webpage. Upon examination, we found that it is yet another site that promotes browser notification spam through a CAPTCHA-themed lure. This page can also redirect users elsewhere, likely unreliable or malic
Our researchers found the BAFAIAI ransomware while inspecting new file submissions to the VirusTotal site. This malicious program is part of the MedusaLocker ransomware family. BAFAIAI encrypts files and creates a ransom note. It adds a ".BAFAIAI" extension to their filenames. For example, a file
Eternidade is a malicious program written in the Delphi programming language. It is a stealer and banking trojan capable of extracting sensitive data from infected devices. Eternidade has been used to target users in Brazil. This malware can self-spread through WhatsApp spam. Eternidade is
Our review of thicationize.co[.]in shows that the site is created to trick users into enabling its notifications. If someone allows them, the site can push misleading content (e.g., fake warnings) directly to their device. Because of this, thicationize.co[.]in and similar pages should be avoided,
Our research team discovered hypstichly.co[.]in while investigating suspicious websites. After inspecting this rogue webpage, we learned that it promotes browser notification spam and generates redirects to other (likely dubious/dangerous) sites. Hypstichly.co[.]in and analogous pages are primaril
Boonaphably[.]com is a rogue page discovered by our research team during a routine inspection of untrustworthy websites. Upon examining this webpage, we learned that it promotes browser notification spam and redirects visitors to other (likely dubious/harmful) sites. Most users access pages like b
Sturnus is an Android malware (a banking Trojan) that can control a device. It is capable of reading chat messages, stealing banking details by showing fake login pages, and more. Attackers can remotely perform malicious actions in the background while keeping the screen hidden from the victim.