During a routine investigation of new file submissions to the VirusTotal site, our researchers discovered the Jarjets ransomware. It is designed to encrypt files and demand payment for its decryption. On our test machine, this ransomware encrypted files and changed their filenames. Original title
Our research team discovered an installation setup containing the DodoIneptus malicious extension while investigating suspect websites. It can manage and manipulate browsers. This piece of software also has data-tracking abilities. The presence of DodoIneptus on browsers endangers user privacy and
StripedFly is a sophisticated cross-platform malware framework. It targets Windows and Linux operating systems. This software is modular, i.e., it downloads modules for additional functionality. StripedFly utilizes extensive anti-detection capabilities that have contributed to its initial misiden
GoPIX is a malicious program targeting the Pix instant payment platform. Essentially, this malware operates as a clipper designed to reroute transactions made through the Pix platform. It does also work as a more standard clipper, i.e., the program likewise targets cryptocurrency transactions. Go
Equidae is a malicious extension compatible with Google Chrome and Microsoft Edge. This software can manipulate and manage browsers, and these functionalities can be used for a variety of harmful activities. Additionally, this browser extension collects vulnerable information. Our research team d
Lumar is a lightweight stealer-type malware written in the C programming language. As its classification implies, this piece of software is designed to steal information. Data of interest includes Internet cookies, stored passwords, and cryptocurrency wallets. Lumar was first noted being promoted
"Virus/Malware Infections Have Been Recognized" is a technical support scam that our researchers found while inspecting rogue websites. This scheme aims to deceive users into calling fake Microsoft Support by claiming that their device is infected. The "Virus/Malware Infections Have Been R
Our examination of this "Adobe Invoice" email revealed that it is spam. The letter is presented as an invoice for a year-long subscription to Adobe. It is the lure used to trick recipients into a callback scam. Oftentimes, the goal of such schemes is to deceive victims into disclosing private data
PsittacosaurusMongoliensis is a malicious browser extension discovered by our researchers during a routine investigation of dubious websites. It is worth mentioning that the type of installation setup used to promote this extension might also be bundled with adware, browser hijackers, PUAs, and ot
DiprotodonOptatum is a malicious browser extension that our research team discovered in an installer endorsed on a deceptive website. This piece of software is capable of manipulating browsers and extracting sensitive data from them. It is noteworthy that installation setups carrying software lik