Vile is ransomware that we discovered during an inspection of samples uploaded to VirusTotal. After execution, this ransomware encrypts files and provides a ransom note ("VILE_README.txt"). It also displays a pop-up message and appends the ".vile" extension to files. For instance, it renames "1.jp
We have reviewed the email and found that it is designed to appear as a security notification from the email provider. In reality, this is a scam email that provides a link to a fake website designed to trick visitors into entering personal information. Victims of this scam may lose access to pers
Our team has examined aztcsearch.com and found that it is a fake search engine associated with an unwanted extension called SearchBits. Aztcsearch.com does not generate results and is promoted through a browser hijacker. For these reasons, both aztcsearch.com and SearchBits should not be trusted.
Our inspection has revealed that license-check-av[.]site is a deceptive website that uses clickbait to get permission to deliver notifications. If the site is allowed to do so, it can show fake warnings and similar messages to promote other potentially malicious pages. License-check-av[.]site shou
Lalia is ransomware that we discovered while analyzing malware samples uploaded to VirusTotal. Once a device is infected, Lalia encrypts files and changes their filenames by appending the ".lalia" extension. For example, it renames "1.jpg" to "1.jpg.lalia" and "2.png" to "2.png.lalia". It also pro
We have examined the Shift application and concluded that it is an unwanted application. Its installer is flagged as malicious by multiple security vendors, which indicates that it may gather information or perform other unwanted actions. Installing Shift may lead to privacy and security issues. T
LofyStealer is an information-stealing malware distributed as a fake Minecraft cheating tool named (known as Slinky). It attempts to trick victims into launching the malware by using the official Minecraft icon and presenting itself as a legitimate utility. Once active, LofyStealer can collect sen
BirdCall is malware classified as a backdoor. It targets Android users and is delivered using a compromised gaming platform. It is known that BirdCall was previously used in attacks targeting Windows users. BirdCall is mainly used to steal information and is capable of executing commands. If detec
Our team has found that entivrio[.]com is designed to trick visitors into agreeing to receive its notifications. The site displays deceptive instructions to receive permission to deliver notifications. Following those instructions can result in getting fake warnings and similar messages used to pr
We have inspected the message and concluded that it is a phishing attempt. Cybercriminals behind this email seek to trick recipients into believing that it is a security-related notification. Their goal is to lure unsuspecting recipients into contacting them. Falling for this scam can result in fi