Our researchers discovered Razrusheniye ransomware while investigating new submissions to the VirusTotal platform. Malicious programs within this category operate by encrypting data and demanding payment for the decryption. After we executed a sample of Razrusheniye on our test machine, it encryp
HZ RAT is a backdoor malware targeting macOS users (more precisely, users of DingTalk and WeChat versions for macOS). It is important to note that there is also a Windows version of HZ RAT malware. In order to avoid potential risks, victims should remove the malware from infected computers as so
Bull Checker is a malicious browser extension that operates as a cryptocurrency stealer. It modifies digital asset transactions to reroute them into wallets in the cyber criminals' possession. At the time of research, Bull Checker targeted Solana cryptocurrency (SOL). Upon installation, th
Cheana is an information stealer targeting three operating systems: Windows, Linux, and macOS. Cybercriminals behind Cheana utilize a deceptive website to distribute the malware. It is known that the attackers have previously offered seemingly legitimate VPN services but later started distributing
After investigating the "Compromise Of Your Digital Identity" email, we determined that it is malspam. This spam message claims that the recipient's digital identity might have been compromised. The personal information affected is detailed in the attachment document. Instead of containing any su
We have examined trksecurescanf[.]com and learned that the purpose of this deceptive page is to lure visitors into taking certain actions. Like most web pages of this type, trksecurescanf[.]com asks permission to send notifications. If encountered, trksecurescanf[.]com (or any similar site) should
During our examination of toptosearch.com, we noticed that it does not generate search results. Thus, we classified toptosearch.com as a fake search engine. We also found that toptosearch.com is promoted through an extension that functions as a browser hijacker. Users should avoid using toptosearc
During our inspection of IcuApp, we noticed that this application has no clear purpose. Moreover, it is hosted on a shady web page and distributed with other dubious programs. Therefore, users should avoid installing IcuApp (and the associated apps) to avoid potential security and privacy risks.
While inspecting subsboost[.]online, we discovered that it displays misleading content to trick visitors into permitting it to send notifications. It is uncommon for sites like subsboost[.]online to be visited intentionally. Users should not allow such pages to show notifications and visit them.
Trustedsear.ch is the address of a fake search engine. Websites within this category cannot generate search results and redirect to genuine Internet search sites. They also tend to gather information about their visitors. Typically, fake search engines are promoted by browser hijackers. We discov