DarkN1ght is ransomware based on Chaos ransomware. We have discovered DarkN1ght during our analysis of samples submitted to VirusTotal. Once the malware infiltrates the system, it encrypts files, appends different extensions (four random characters, e.g., ".3hok") to filenames, and drops its ranso
Our researchers discovered the mergenetworkprotocol.co[.]in rogue page while investigating dubious websites. After examining it, we learned that this webpage endorses browser notification spam and redirects users to different (likely unreliable/harmful) sites. The majority of users access mergene
While browsing suspicious websites, our researchers discovered the "iolo - Your PC is infected with 18 viruses!" scam. It masquerades as iolo software warning the user of various serious threats on their devices. It must be emphasized that the claims made by this scam are false, and it is not ass
NoviSpy is a malicious program targeting Android devices. It is classed as spyware – a type of malware designed for stealthy surveillance and data theft. NoviSpy activity has been associated with the Serbian Security Intelligence Agency (BIA). During the last several years, this spyware has been
We have reviewed pectorsed[.]com and concluded that it is an unreliable web page created to lure visitors into granting it permission to show notifications. Moreover, if the site has permission to send notifications, it bombards users with fake alerts and other messages. Overall, pectorsed[.]com c
Our analysis of grimpoaltoumpa[.]com reveals that it uses deceptive tactics to trick users into granting notification permissions. Once allowed, it can deliver fake and misleading notifications, often promoting potentially harmful websites. Therefore, grimpoaltoumpa[.]com is unreliable and should
Our research team discovered the unlockcontent[.]org rogue page during a routine inspection of suspicious websites. Upon investigation, we determined that this webpage endorses browser notification spam and generates redirects to different (likely unreliable/malicious) sites. The majority of visi
WmRAT is malware that functions as a standard Remote Access Trojan (RAT). This RAT is written in C++ and can perform multiple malicious activities. WmRAT was observed being used by cybercriminals to target government, energy, telecom, defense, and engineering sectors in Europe, the Middle East, Af
Our research team found the contus[.]sbs rogue page while investigating untrustworthy websites. This page promotes browser notification spam and redirects users to other (likely dubious/dangerous) sites. Contus[.]sbs and analogous webpages are primarily accessed through redirects produced by webs
MiyaRAT is a Remote Access Trojan written in the C++ programming language. It is capable of taking screenshots, enumerating files, executing commands, and more. MiyaRAT is known to be used by a specific group of cybercriminals to target the government, energy, telecommunications, defense, and engi