While investigating dubious websites, our researchers discovered the ernenskohyptoke[.]com rogue page. It is designed to promote browser notification spam and redirect users to different (likely unreliable/dangerous). Most visitors to ernenskohyptoke[.]com and pages akin to it access them via red
GREEDYFATHER is the name of a ransomware-type program. Malware within this category encrypts data and demands ransoms for its decryption. On our testing system, this ransomware encrypted files and added the ".GREEDYFATHER" extension to their filenames. For example, an original title such as "1.jp
Waste.app is a piece of rogue software discovered by our research team during a routine inspection of new file submissions to the VirusTotal site. Our analysis revealed that Waste.app is advertising-supported software from the Pirrit adware family. This application is designed to deliver intrusi
After a thorough examination, we have determined that deepconnection.co[.]in is a deceptive website employing clickbait tactics to deceive visitors into granting permission for notifications. Typically, users stumble upon websites like deepconnection.co[.]in unintentionally. Upon accessing
While reviewing submissions to the VirusTotal online platform, our researchers discovered the Repressionist.app adware. This application is part of the Pirrit adware family. Repressionist.app operates by feeding users with undesirable and potentially dangerous advertisements. Adware stan
After a thorough examination, it has been determined that Turtle is ransomware designed to target three distinct operating systems: Windows, Linux, and macOS. The main purpose of Turtle is to encrypt files. Additionally, it appends the ".TURTLERANSv0" extension to filenames. For instance, it renam
Upon inspection, we determined that "LEDGER SECURITY" is spam. This fake email states that a security vulnerability has been discovered on the recipient's Ledger hardware cryptocurrency wallet. This spam mail promotes a phishing website that targets wallet log-in credentials. The "LEDGER S
After a comprehensive examination, it has been revealed that PakicetusAttocki is an unreliable application distributed via a malicious installer. Once added, PakicetusAttocki activates the "Managed by your organization" feature (in Chrome or Edge browser). Also, this app can manage extensions and
Following a thorough examination, it has been determined that Plebeianness.app inundates users with bothersome advertisements. Applications of this nature are categorized as adware. Besides showcasing ads, Plebeianness.app may also collect user data. It is worth noting that Plebeianness.app belo
In the course of our review of malware samples submitted to VirusTotal, it has been identified that Ljaz is ransomware belonging to the Djvu family. Ljaz encrypts files, appends its extension (".ljaz") to filenames), and creates the "_readme.txt" file (a ransom note). An example of how Ljaz modif