While analyzing malware samples uploaded to VirusTotal, it has been determined that Cdxx belongs to the Djvu ransomware family. Its primary objective is to encrypt data. Also, it generates a ransom note ("_readme.txt") and appends the ".cdxx" extension to filenames (e.g., renames "1.jpg" to "1.jpg
In the process of reviewing the app, it became apparent that DanceTank operates as adware: when active, it displays annoying advertisements to users. In addition to showing ads, DanceTank may collect various data. Thus, affected users should remove DanceTank from their computers. DanceTa
Upon examination, it has been identified that this is a scam employing a deceptive page that displays multiple fake messages utilizing scare tactics to manipulate visitors into taking specific actions. Additionally, the deceptive page seeks permission to show notifications. Users are strongly advi
During an assessment of the application, we found that CumulusCongestus is a suspicious application distributed via a malicious installer. Upon adding CumulusCongestus to a web browser, we noticed that it can read and change various data on visited pages, manage components within a browser, and en
Our researchers discovered the FilterAdmin application while checking out new file submissions to VirusTotal. Upon inspection, we learned that FilterAdmin is adware belonging to the AdLoad malware family. This app delivers intrusive advertisement campaigns and may have other harmful capabilities
ZeroGuard is a malicious program classed as ransomware. This malware is designed to encrypt files and demand payment for the decryption. After we executed a sample of ZeroGuard on our testing system, it encrypted files and modified their filenames. To elaborate, an original file title was appende
Our researchers found the wholefreshstories[.]com rogue webpage while reviewing untrustworthy sites. It is designed to push browser notification spam and redirect users to different (likely dubious/malicious) websites. Most visitors to wholefreshstories[.]com and webpages akin to it access them t
Floscercurn.com is a rogue webpage discovered by our research team during a routine investigation of dubious sites. This page promotes browser notification spam and redirects visitors to other (likely unreliable/dangerous) websites. Most users access webpages like floscercurn[.]com through redire
"Trezor Upgrade Your Networks" is a scam that targets Trezor cryptowallet log-in credentials. The cyber criminals behind this scheme aim to steal the cryptocurrency stored in victims' wallets. It is pertinent to mention that this scam has been observed being promoted through spam emails. "
While investigating suspicious sites, our researchers discovered Your Errors Plug browser extension. It promises a "seamless" browsing experience with "relevant results on error-prone sites". For example, if a user enters a nonexistent URL – they are redirected to a webpage that informs them of th