After thoroughly examining the Hyaenidae browser extension, it has become clear that this extension cannot be relied upon. Hyaenidae is distributed via a malicious installer and encompasses features involving data reading and the manipulation of various Chrome browser settings as well as other com
During examination of samples submitted to the VirusTotal site, we have discovered a ransomware new variant of the WORLD GRASS ransomware dubbed EARTH GRASS. This ransomware encrypts files and appends the ".34r7hGr455" extension to the filenames of locked files. Also, it changes the desktop wallpa
Our researchers found the 2023 ransomware-type program while inspecting new file submissions to the VirusTotal website. This program is designed to encrypt data and demand payment for its decryption. It is part of the Dharma ransomware family. On our test machine, the 2023 program encrypted files
After a thorough examination of this email, it has been ascertained that it is a deceptive email designed to coax recipients into opening the attached file. The primary objective of the cybercriminals orchestrating this campaign is to mislead recipients into unwittingly running malicious software
During the examination of samples submitted to VirusTotal, the Th ransomware belonging to the Xorist family has been discovered. Cybercriminals utilize this malware to encrypt files. Additionally, Th renames files (adds the ".th" extension to filenames), displays an error window and creates the "К
Vespy Grabber is a sophisticated and multifaceted malware that poses a grave risk to both individual users and organizations. Vespy Grabber is a highly invasive malware strain known for its extensive capabilities, ranging from capturing desktop and webcam screenshots to exfiltrating sensitive data
During the analysis of malware samples using VirusTotal, we encountered a ransomware variant known as Ptrz. This ransomware is responsible for encrypting files and altering their filenames by appending the ".ptrz" extension. Furthermore, Ptrz generates a ransom note, which can be located within a
Exodus is insidious software designed with the malevolent intent of surreptitiously infiltrating Exodus wallets used to store cryptocurrency. With a devious methodology, the Exodus wallet stealer is engineered to steal the wallets and their contents, including private keys, public keys, and the cr
Our researchers discovered the easyfondsonline[.]com rogue page while inspecting untrustworthy websites. This webpage promotes spam browser notifications and generates redirects to other (likely dubious/malicious) sites. The majority of users access pages like easyfondsonline[.]com via redirects
Comscp.co[.]in is a rogue page that we found during a routine investigation of questionable websites. It operates by pushing browser notification spam and redirecting visitors to different (likely unreliable/dangerous) sites. Users primarily enter pages like comscp.co.in through redirects generate