Our researchers found the GhostHacker ransomware during a routine inspection of new file submissions to the VirusTotal site. Malware of this type is designed to encrypt files and demand payment for its decryption. We acquired a sample of GhostHacker and executed it on our testing system. This ran
AzzaSec is ransomware that we discovered during our analysis of samples uploaded to the VirusTotal platform. Once a computer is infected, AzzaSec encrypts files and appends the ".AzzaSec" extension to filenames. Additionally, this ransomware changes the desktop wallpaper and provides a ransom note
Iadispatcher.com is the address of a fake search engine that cannot provide search results. Websites of this kind are typically promoted (via redirects) by browser hijackers. Our research team discovered iadispatcher.com while investigating a rogue installer that, upon installation, generated redi
While browsing dubious websites, our research team discovered phoaksux[.]com. This rogue webpage promotes browser notification spam and generates redirects to different (likely unreliable/hazardous) sites. Pages like phoaksux[.]com are most often accessed via redirects caused by websites that uti
While inspecting malware samples submitted to VirusTotal, we discovered Cebrc ransomware, which is based on Chaos. Cebrc encrypts files, appends the ".cebrc", extension to filenames, and provides a ransom note ("read_it.txt"). An example of how files encrypted by Cebrc are renamed: "1.jpg" is chan
Our researchers discovered the dominness.co[.]in rogue site while inspecting suspicious websites. After examining this webpage, we determined that it pushes browser notification spam and redirects visitors to other (likely dubious/malicious) websites. Dominness.co[.]in and pages similar to it are
While inspecting new malware submissions to the VirusTotal platform, our research team discovered the Rapax ransomware. This malware encrypts data and demands payment for the decryption. We investigated Rapax by executing a sample of this ransomware on our test machine. The program encrypted file
In our investigation of news-ziwuni[.]com, we discovered that it is an untrustworthy website designed to trick visitors into accepting its notifications. Websites such as news-ziwuni[.]com are promoted through deceptive means. Thus, it is uncommon for such pages to be visited on purpose. Overall,
During our examination of notifier.co[.]in we learned that it is an unreliable web page designed to lure visitors into agreeing to receive notifications from it. Notifier.co[.]in and similar pages are promoted using deceptive methods. Thus, users often land on such pages unintentionally. It is rec
News-varaga[.]com is the address of a rogue page discovered by our research team during a routine investigation of suspicious websites. Upon inspection, we determined that news-varaga[.]com endorses browser notification spam and redirects users to other (likely untrustworthy/malicious) sites. Mos