While reviewing new malware submissions to the VirusTotal website, our researchers discovered Cipher ransomware. This malicious program is part of the Proton ransomware family. Malware of this kind encrypts data and demands payment for the decryption. On our testing system, Cipher (Proton) ransom
Flesh is information-stealing malware targeting Windows users. It is capable of extracting sensitive data from web browsers and Discord. Once it has collected the stolen data, it is sent to a remote server controlled by the attacker for malicious use. If a computer is infected with Flesh stealer,
During the analysis of toneincludes[.]com, we discovered that this page uses clickbait to get permission to display notifications. Once this permission is granted, toneincludes[.]com can deliver intrusive and fraudulent notifications. Therefore, users should not accept notifications from toneinclu
Our team has inspected unadsglobal[.]com and discovered that its purpose is to obtain permission to show notifications. Once allowed, unadsglobal[.]com can bombard users with annoying and deceptive notifications. Web pages like unadsglobal[.]com should not be permitted to send notifications to avo
Our research team found the sundermima[.]com rogue webpage while browsing suspicious sites. After examining this page, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable/dangerous) websites. Most users enter webpages like sundermima[.]com v
While investigating dubious webpages, our researchers discovered the ratenowpage[.]site rogue website. Upon examination, we determined that it promotes browser notification spam and generates redirects to different (likely dubious/malicious) sites. Users primarily access pages like ratenowpage[.]
Terminator is the name of a ransomware-type virus. Malware within this category is designed to encrypt data and demand payment for its decryption. Terminator renames encrypted files by adding the attacker's email address and a ".terminator" extension. For example, a file initially named "1.jpg" a
While inspecting a Torrent website that uses rogue advertising networks, our researchers discovered the pohsoneche[.]info page. It promotes browser notification spam and redirects users to other (likely unreliable/harmful) sites. Most visitors access pohsoneche[.]info and similar webpages via red
Bixi is a ransomware-type program. It is designed to encrypt victims' files and demand ransoms for the decryption. On our testing system, Bixi ransomware encrypted files and created a ransom note. Original filenames of the locked files were appended with a ".bixi" extension, e.g., "1.jpg" became
During our analysis of snadsnews[.]com, we uncovered that it is a shady website that uses a deceptive technique to get permission to show notifications. If allowed, snadsnews[.]com can send notifications containing misleading content to trick visitors into clicking them. snadsnews[.]com and simila