Blue is ransomware from the Phobos family. We discovered this variant while inspecting malware samples uploaded to VirusTotal. Our analysis has shown that Blue encrypts files and renames them by appending the victim's ID, givebackdata@mail.ru email address, and ".blue" extension. Also, Blue create
Upon inspecting squipisioncha.co[.]in, we concluded that this web page cannot be trusted. It uses clickbait to lure visitors into accepting its notifications. Users should never agree to receive notifications from websites of this kind. It is worth noting that users rarely open websites like squip
We have reviewed pleadsbox[.]com and found that it is a deceptive site designed to trick users into allowing it to show notifications. In most cases, users accidentally visit such sites. Users who have granted pleadsbox[.]com permission to display notifications should revoke this permission to avo
Our research team discovered the poopsylifort[.]com webpage during a routine investigation of dubious sites. After examining this rogue page, we determined that it is designed to endorse browser notification spam and generate redirects to other (likely unreliable/harmful) websites. Users primaril
Our researchers discovered pushckick[.]click while browsing untrustworthy websites. This rogue page promotes browser notification spam and can redirect visitors to different (likely dubious/hazardous) sites. The majority of users access webpages like pushckick[.]click through redirects generated
Prince is a ransomware-type virus. This malicious program is written in the Go programming language. It encrypts victims' files to demand payment for the decryption. After we executed a sample of Prince on our test machine, it encrypted files and appended their filenames with a ".ran" extension.
We have examined ondshub[.]com and determined that it is a deceptive website designed to deceive users into granting it permission to display notifications. Usually, users unintentionally access sites like ondshub[.]com. If this (or a similar) page has been allowed to show notifications, this perm
Worldtracker is the name of a malicious program that extracts and exfiltrates sensitive information from devices. Among this stealer's capabilities are cryptocurrency wallet theft and victims' file download/exfiltration. Worldtracker is a stealer – a type of malware designed to obtain vuln
While testing ProcessInput, our team discovered that it has traits of adware: once installed, ProcessInput displays annoying advertisements. Additionally, this app might be designed to collect browsing-related and other data. Users should avoid installing ProcessInput and similar applications.
Styx is a type of malware specifically designed to steal sensitive information from infected devices. It is sold for $75 per month, $230 per three months, and $350 for a lifetime license). Having a computer infected with this malware may lead to issues such as monetary loss, identity theft, and mo