While reviewing malware samples on the VirusTotal platform, we encountered the Rzew ransomware, which belongs to the Djvu family. When this ransomware infects a computer, it encrypts files and adds the ".rzew" extension to their filenames. For example, "1.jpg" would be transformed into "1.jpg.rzew
After careful analysis, our team has determined that the objective of this email is to deceive recipients into disclosing their personal information. These emails are classified as phishing attempts, where the senders, who are fraudulent actors, seek to trick recipients into sharing sensitive info
Crystalchiseler[.]top is a rogue webpage that our research team found while checking out untrustworthy sites. This page is designed to deceive visitors into allowing its spam browser notification delivery. It can also generate redirects to other (likely dubious/malicious) websites. Users predomin
Our researchers discovered the ParameterLog app while investigating new submissions to the VirusTotal site. After inspecting this piece of software, we learned that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. It generates revenue
After investigating the "You Have New Held Messages" email, we determined that it is spam. This message falsely states that the recipient has sixteen pending emails, which will be deleted unless released into the inbox within a certain timeframe. This mail promotes a phishing website that records
VideoProgramRanking is a piece of rogue software that we discovered while investigating new submissions to the VirusTotal website. After inspecting this application, we determined that it is advertising-supported software (adware). VideoProgramRanking is part of the AdLoad malware family.
Our inspection of the "Your Mail Version Is Currently Being Disconnected" email revealed that it is spam. This letter informs the recipient that they have undelivered messages and that their current mail version will be disconnected. As the recipient attempts to upgrade it, they are redirected to
In the course of our examination of the NodeZipArray application, our team noted its frequent display of advertisements, categorizing it as adware. It's important to emphasize that such software is often promoted and disseminated through deceptive methods, which can result in users unknowingly i
While investigating new submissions to VirusTotal, our research team discovered the NWOransom malicious program. It is based on Chaos ransomware. Malware within the ransomware classification encrypts data in order to demand payment for its decryption. On our test machine, a sample of NWOransom en
During our analysis of the RepairEnumerator application, our team observed that it displays numerous advertisements, classifying it as adware. It is crucial to highlight that such software is frequently promoted and distributed through deceptive means, leading users to install programs like Repa