Our researchers discovered AnarchyRansom while inspecting new submissions to the VirusTotal website. This malicious program is classed as ransomware, a type of malware that encrypts data and demands ransoms for the decryption. On our test machine, AnarchyRansom encrypted files and added a ".ENCRY
We have reviewed hyllates.co[.]in and concluded that it is an unreliable website created to deceive visitors into agreeing to receive its notifications. When sites like hyllates.co[.]in are allowed to show notifications, they send fake warnings and similar messages to promote other shady web pages
Our inspection of the email has revealed that it is a phishing email. It is disguised as a message from Wells Fargo Bank regarding an account security check. The email contains a link to a fake web page designed to extract personal information from unsuspecting users. If received, this email shoul
Our researchers discovered the highspeedads[.]top rogue page while investigating untrustworthy websites. It operates by endorsing spam browser notifications and redirecting users to other (likely unreliable/hazardous) sites. Users primarily access highspeedads[.]top and similar webpages via redire
Our research team discovered SearchThatNow while inspecting dubious websites. This browser extension is promoted as a Web search enhancement tool that provides easy access to the last ten searched queries. After investigating this extension, we determined that it is a browser hijacker. SearchThat
While investigating dubious websites, our researchers discovered the "Norton - Scan Your Windows PC For Viruses In Seconds" scam. The fake page offers a free system scan that supposedly finds multiple threats on the user's device. At the time of research, "Norton - Scan Your Windows PC For Viruses
TerraStealerV2 is a malware designed to steal vulnerable data from infected devices. This stealer was developed by a threat actor dubbed "Golden Chickens" (also known as Venom Spider). As of the time of writing, it is likely that TerraStealerV2 is still under development since its stealth capabili
TerraLogger is a keylogger. Five versions of this malicious program were developed between January and April of 2025; the frequency and the developers' modus operandi suggest that TerraLogger is still in active development. As the classification implies, this malware is designed to record keystrok
PDFast is an app promoted as a tool capable of converting file formats, such as turning Microsoft Office files into PDF documents. This piece of software is classed as a PUA (Potentially Unwanted Application). PDFast has been observed being used to distribute malware. PDFast is a Potential
LockZ is ransomware that encrypts files and appends its extension (".lockz") to files. After encryption, files look like this: "1.jpg" is changed to "1.jpg.lockz", "2.png" to "2.png.lockz", and so forth. Also, LockZ changes the desktop wallpaper and drops a ransom note ("@HELP_HERE_TO_RESCUE_YOUR_