Our team discovered Locklocklock ransomware while inspecting samples submitted to VirusTotal. Once successfully deployed, Locklocklock encrypts files on the victim's computer and appends its extension (".locklocklock") to filenames. For example, it renames "1.jpg" to "1.jpg.locklocklock" and "2.pn
We have examined anglow[.]xyz and determined that its goal is to trick users into taking certain actions and promote other untrustworthy websites via notifications. This site employs a clickbait tactic to gain permission to send notifications. Users should exercise caution when encountering sites
We have analyzed ducesousightion[.]com and discovered that its sole purpose is to promote other unreliable websites through its notifications. This page uses clickbait to receive permission to send notifications. Users should be careful when encountering sites like ducesousightion[.]com and never
Our team has inspected mergechain.co[.]in and learned that it presents misleading messages and other content to trick visitors into taking certain actions. Also, mergechain.co[.]in requests permission to show notifications. We discovered that notifications from this site often include fake warning
Our inspection of SearchNinja extension has shown that it is a browser hijacker created to promote a fake search engine by modifying the settings of a web browser. We also found that SearchNinja can activate the "Managed by your organization" feature. Users should avoid adding SearchNinja to their
We have inspected the PDF Converter Online extension and found that it has traits of adware, a type of software that generates advertisements. It is common for adware to be utilized to promote questionable sites, apps, services, etc. Thus, it is advisable to avoid adding PDF Converter Online Adwar
DarkN1ght is ransomware based on Chaos ransomware. We have discovered DarkN1ght during our analysis of samples submitted to VirusTotal. Once the malware infiltrates the system, it encrypts files, appends different extensions (four random characters, e.g., ".3hok") to filenames, and drops its ranso
Our researchers discovered the mergenetworkprotocol.co[.]in rogue page while investigating dubious websites. After examining it, we learned that this webpage endorses browser notification spam and redirects users to different (likely unreliable/harmful) sites. The majority of users access mergene
While browsing suspicious websites, our researchers discovered the "iolo - Your PC is infected with 18 viruses!" scam. It masquerades as iolo software warning the user of various serious threats on their devices. It must be emphasized that the claims made by this scam are false, and it is not ass
NoviSpy is a malicious program targeting Android devices. It is classed as spyware – a type of malware designed for stealthy surveillance and data theft. NoviSpy activity has been associated with the Serbian Security Intelligence Agency (BIA). During the last several years, this spyware has been