Upon thorough analysis of the malware samples submitted to the VirusTotal page, we have found Lkhy, a variant of ransomware associated with the Djvu family. Lkhy encrypts files and renames them by appending the extension ".lkhy" to their filenames. For example, it converts "1.jpg" to "1.jpg.lkhy",
After checking out the "Deactivation Countdown" email, we determined that it is spam. This mail operates as a phishing scam. It targets email log-in credentials (passwords) through false claims concerning an account deactivation. The spam email with the subject "Email Termination Notificat
After a thorough examination of the application, it became evident that Ask AI Browser functions as a browser hijacker, promoting askaibrowser.com. This extension seizes control of a browser by altering its settings and possesses the ability to access and manipulate various data. Thus, users are a
Find It Quick Search is a rogue browser extension. After examining it, we determined that it is browser-hijacking software. This extension modifies browser settings to endorse (through redirects) the finditquicksearch.com fake search engine. Browser hijackers assign promoted sites as brows
During analysis of the email, we concluded that it is a deceptive message posing as invoice-related correspondence. Scammers crafted it to deceive recipients into divulging personal information on a fraudulent website. Such emails fall under the category of phishing emails. Recipients should ignor
Our researchers found the Z1n ransomware during a routine inspection of new file submissions to the VirusTotal platform. Z1n is part of the Dharma ransomware family. This malicious program encrypts data and demands ransoms for its decryption. On our testing system, this ransomware encrypted files
Our analysis of the Browser-Surf application reveals that it functions as a browser extension designed to promote a particular URL (browser-surf.xyz) by modifying web browser settings. This modus operandi is commonly referred to as browser hijacking. It is advised to exercise caution with such app
Upon scrutinizing the email, we have found it to be a fraudulent notification purportedly from American Express. Crafted by scammers, it intends to entice recipients to access a deceptive website and divulge their personal information. Such emails fall under the category of phishing attempts.
BackMyData is a ransomware variant belonging to the Phobos family that we discovered during an inspection of malware samples submitted to VirusTotal. We found that BackMyData encrypts files, renames files, and provides two ransom notes ("info.hta" and "info.txt"). BackMyData renames files by appe
RustDoor is a Mac-targeting malware written in the Rust programming language. This malicious program has been around since at least the autumn of 2023. At the time of writing, three variants of RustDoor have been discovered (with the initial one speculated to be a test version). This program is