Our research team discovered the ChatGPT Check browser extension while investigating untrustworthy websites. We found a page pushing an installation setup containing this extension and ChatGPT Check's "official" promotional page. The latter described it as a tool for those who do not want to crea
Apocalipse is a malicious program based on Chaos ransomware. Our researchers discovered it while investigating new submissions to the VirusTotal platform. Malware within the ransomware classification is designed to encrypt data and demand payment for its decryption. On our test machine, Apocalips
Virtual Piano New Tab is a rogue browser extension. It is promoted as a virtual piano widget for browsers. After analyzing this piece of software, we determined that it is a browser hijacker. This extension makes changes to browser settings in order to endorse (via redirects) the find.vnav-web.com
After analyzing the "Cloud Voicemail" email, we determined that it is spam. The fake letter notifies the recipient of a voicemail that they have been sent. The voice message is supposedly in the attached file. The attachment is a phishing file that imitates the recipient's email sign-in page. Henc
While inspecting new submissions to the VirusTotal website, our researchers discovered the Deep ransomware-type program. It is part of the Phobos ransomware family. Deep (Phobos) operates by encrypting data to demand payment for its decryption. On our test machine, this ransomware encrypted files
Following an evaluation of the Rocket App application, it has been determined that its primary purpose is to function as a browser hijacker with the objective of promoting r.bsc.sien.com, a fraudulent search engine. This extension alters the settings of a web browser with the intention of gaining
During an examination of an unreliable installer downloaded from an unreliable website, we encountered the CanisLupusLupus browser extension. The investigation unveiled concerning characteristics associated with this extension, including its ability to activate the "Managed by your organization" f
In the dynamic field of cybersecurity, an interesting new development has surfaced. Sandman, a known advanced threat actor, has introduced an unusual and complex modular backdoor. What sets this apart is its use of the LuaJIT platform, which is not commonly seen in cyber threats. This innovative m
During our analysis of malware samples on the VirusTotal page, we came across the Azop ransomware, a member of the Djvu family. Upon infiltrating a computer, this ransomware encrypts data and appends the ".azop" extension to file names. For instance, it changes "1.jpg" to "1.jpg.azop" and "2.png"
In the course of our examination of malware samples on the VirusTotal page, we encountered the Azqt ransomware, which belongs to the Djvu malware family. Upon infiltrating a computer, this ransomware encrypts files and adds the ".azqt" extension to their filenames. For example, it changes "1.jpg"