REDKAW is ransomware designed to encrypt data and append its extension (".redkaw") to files. For instance, it changes "1.jpg" to "1.jpg.redkaw", "2.png" to "2.png.redkaw", and so forth. Also, REDKAW provides a ransom note, "HOW-TO-FIX.txt". The note includes contact and payment information. Sc
Our research team discovered the risotoska.co[.]in webpage while inspecting suspect sites. After examining this page, we learned that it endorses browser notification spam and redirects users to different (likely untrustworthy/malicious) sites. The majority of visitors to risotoska.co[.]in and si
Our team discovered Hitler_77777 while analyzing malware samples uploaded to VirusTotal. This ransomware is identical to TRUST FILES. It encrypts files and modifies filenames. Hitler_77777 appends the victim's ID, a Telegram ID, and its extension (four ransom characters) to files. Also, Hitler_77
Our analysis revealed that FastFix exhibits adware-like behavior. Once active, it generates intrusive and unwanted advertisements. Users should avoid installing FastFix and similar apps. In addition to displaying ads, FastFix may also collect user data and cause other issues. FastFix can
Our researchers discovered the "We Are Having Trouble With Firewall" scam while investigating dubious websites. It is a technical support scam that aims to trick victims into calling fake support lines by making bogus claims concerning their device security. It must be emphasized that the informa
Revenge Of Heisenberg is a ransomware based on Chaos, which our researchers discovered during a routine inspection of new file submissions to the VirusTotal platform. Ransomware is designed to encrypt files and demand payment for the decryption. There are two variants of Revenge Of Heisenberg, an
Richleads[.]top is a rogue webpage discovered by our researchers while investigating dubious sites. After inspecting this page, we learned that it promotes browser notification spam and produces redirects to other (likely untrustworthy/hazardous) websites. Most users enter webpages like richleads[
Our research team discovered Tiaow VApp while analyzing a rogue installer promoted by a deceptive webpage. The setup also included the fake "Save to Google Drive" browser extension. Tiaow VApp is a PUA (Potentially Unwanted Application). Upon analysis, we found that this app drops the Legion Loade
Our researchers discovered the seekthatonline.com fake search engine while analyzing the "SeekThatOnline - Access to favorite sites" browser hijacker. Websites of this kind cannot provide search results and tend to redirect to legitimate Internet search sites. Browser-hijacking software modifies b
After examining this "Offer For The Below Items" email, we determined that it is spam. This message requests the recipient to make an offer for the products detailed in the shared Microsoft Excel file. When the recipient attempts to review the document, they are lured into disclosing their email a