During our examination of malware samples submitted to VirusTotal, we came across Tcvjuo, a ransomware variant associated with the Snatch family. Tcvjuo is designed to encrypt files, append its extension (".tcvjuo") to the filenames of encrypted files, and generate a ransom note named "HOW TO REST
During our investigation of mithrilminer[.]top, we uncovered its deceptive practices of coaxing visitors into granting permission to show notifications. Additionally, the website redirects users to similar pages. Our team encountered mithrilminer[.]top while analyzing websites associated with ques
While inspecting malware samples submitted to VirusTotal, we discovered Hgjzitlxe, which is ransomware belonging to the Snatch family. We found that Hgjzitlxe encrypts files, appends its extension (".hgjzitlxe") to filenames, and creates a ransom note ("HOW TO RESTORE YOUR HGJZITLXE FILES.TXT").
During our investigation of nighridadered[.]com, we found that the website employs a clickbait technique to entice visitors into subscribing to its notifications. Furthermore, nighridadered[.]com may redirect users to unreliable websites. As a result, it is strongly recommended to avoid accessing
Our research team discovered the news-dudafa[.]com rogue webpage during a routine investigation of untrustworthy sites. This page is designed to push browser notification spam. It can also redirect users elsewhere (likely unreliable/hazardous websites). Most visitors to webpages like news-dudafa[
We discovered the UniversalDisplay rogue application during a routine inspection of new submissions to the VirusTotal website. After investigating this piece of software, we determined that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported softw
While investigating new submissions to the VirusTotal site, our researchers discovered the Protect ransomware-type program. It is part of the MedusaLocker ransomware family. Ransomware is designed to encrypt data and demand ransoms for its decryption. On our test machine, a sample of Protect encr
During our examination of malware samples submitted to the VirusTotal website, we encountered Wayn, a ransomware variant that encrypts files and adds the ".wayn" extension to filenames. Additionally, Wayn leaves a ransom note (a text file named "_readme.txt"). An example of how Wayn modifies file
While analyzing malware samples on VirusTotal, we encountered a ransomware variant called Wazp, which belongs to the Djvu family. This ransomware encrypts files and alters their filenames by appending the ".wazp" extension. Additionally, Wazp leaves behind a ransom note file named "_readme.txt".
While investigating suspicious sites, our research team found a page promoting an installation setup containing the Streaming application. After examining this app, we determined that it is advertising-supported software (adware). The purpose of adware is to generate revenue for its develo