While inspecting a deceptive download page, our researchers discovered a rogue installer carrying the GxuApp PUA (Potentially Unwanted Application). Programs within this category typically possess harmful functionalities. PUAs are often bundled with other suspicious software, and the GxuApp insta
Our research team discovered the ZAKI ESCOVINDA ransomware during a routine investigation of new file submissions to the VirusTotal platform. This malicious program belongs to the Chaos ransomware family. ZAKI ESCOVINDA encrypts data and demands payment for the decryption. On our test machine, th
Our researchers discovered the SmartSearch browser hijacker while analyzing a rogue installation setup. SmartSearch modifies browser settings to produce redirects to promoted websites. This browser extension is also considered a privacy threat, as software within this classification typically spie
RedRose is the name of a ransomware-type virus. Malicious software within this category operates by encrypting files and demanding payment for their decryption. RedRose functions the same. It renames encrypted files to a random string of numbers and appends them with a ".RedRose" extension. To el
While investigating new submissions to the VirusTotal site, our researchers discovered the Pgp ransomware. This malicious program belongs to the Makop ransomware family. Malware within this classification encrypts data and demands payment for its decryption. Pgp (Makop) ransomware encrypted files
During our inspection of sscreenads[.]com, we found that it is a deceptive web page created to deceive visitors by displaying misleading content. The purpose of sscreenads.com is to obtain permission to show notifications. Usually, notifications originating from such sites take users to dubious pa
We have examined this email and found that it is a fraudulent letter posing as a notification from an email service provider. It is created to trick visitors into providing personal information on a fake web page. Emails of this type are classified as phishing emails. Recipients should be cautious
We have analyzed the email and concluded that it is a phishing attempt. This email is written by scammers who pretend to be a company that delivers packages (a courier). The goal is to trick recipients into disclosing personal information and (or) sending money to scammers. Such emails should be i
Crypto24 is a malicious program classed as ransomware. Software within this classification is designed to encrypt data and demand payment for the decryption. Crypto24 encrypts files and adds a ".crypto24" extension to their filenames. For example, a file initially named "1.jpg" appears as "1.jpg.
Our examination of the "Mailbox Abuse Notice" email revealed that it is spam. This phishing message is presented as an email security alert claiming that suspicious activity has been detected on the recipient's account. This spam mail aims to trick victims into disclosing their email log-in creden