While browsing submissions to the VirusTotal site, our researchers discovered Ztax ransomware. This malicious program is part of the Dharma ransomware family. On our test machine, Ztax encrypted files and altered their filenames. Original titles were appended with a unique ID assigned to the vict
Our researchers discovered the karakorampeak[.]top rogue page while investigating dubious websites. Upon inspection, we learned that this webpage promotes spam browser notifications and causes redirects to other (likely unreliable/hazardous) websites. The majority of visitors to karakorampeak[.]t
Our researchers discovered NK – a ransomware-type program based on Chaos – while reviewing file submissions to the VirusTotal platform. Ransomware is designed to encrypt files and demand ransoms for the decryption. After we launched a sample of NK on our testing machine, it encrypted files and ap
SwiftSeek is a browser hijacker. Our researchers found this extension in an installer promoted by a deceptive page, which was discovered during a routine investigation of suspicious websites. Browser hijackers operate by making changes to browser settings to endorse (via redirects) fake search en
Opalarmes2[.]space is a rogue webpage that promotes dubious content and browser notification spam. It can also generate redirects landing on different (likely unreliable/dangerous) sites. Most visitors to pages of this kind access them through redirects caused by sites using rogue advertising net
Our researchers discovered diteringion[.]com while browsing dubious websites. This rogue page is designed to promote browser notification spam and redirect users to different (likely untrustworthy/dangerous) sites. The majority of visitors to diteringion[.]com and similar webpages access them via
Upon examining the "Join Zoom Meeting" email, we determined that it is spam. Presented as an invite to a Zoom videotelephony meeting, this fake message seeks to lure recipients into visiting a phishing website that targets account log-in credentials. It must be stressed that this email is fraudul
Bellpepa.co[.]in is a rogue page discovered by our researchers during a routine inspection of suspect websites. Upon investigation, we determined that this webpage promotes browser notification spam and generates redirects to different (likely untrustworthy/hazardous) sites. Most visitors enter b
After reading this "Your Transaction Has Been Released" email, we determined that it is spam. This fake message states that the recipient's funds have finally been released, and they are urged to contact the sender with their details for further information on how to claim the exorbitant sum. Once
While browsing files submitted to the VirusTotal website, our researchers found the HaroldSquarepants ransomware. It is part of the GlobeImposter ransomware family. Like most programs within this classification, HaroldSquarepants encrypts data and demands ransoms for its decryption. On our testin