Our researchers found the 2023 ransomware-type program while inspecting new file submissions to the VirusTotal website. This program is designed to encrypt data and demand payment for its decryption. It is part of the Dharma ransomware family. On our test machine, the 2023 program encrypted files
After a thorough examination of this email, it has been ascertained that it is a deceptive email designed to coax recipients into opening the attached file. The primary objective of the cybercriminals orchestrating this campaign is to mislead recipients into unwittingly running malicious software
During the examination of samples submitted to VirusTotal, the Th ransomware belonging to the Xorist family has been discovered. Cybercriminals utilize this malware to encrypt files. Additionally, Th renames files (adds the ".th" extension to filenames), displays an error window and creates the "К
Vespy Grabber is a sophisticated and multifaceted malware that poses a grave risk to both individual users and organizations. Vespy Grabber is a highly invasive malware strain known for its extensive capabilities, ranging from capturing desktop and webcam screenshots to exfiltrating sensitive data
During the analysis of malware samples using VirusTotal, we encountered a ransomware variant known as Ptrz. This ransomware is responsible for encrypting files and altering their filenames by appending the ".ptrz" extension. Furthermore, Ptrz generates a ransom note, which can be located within a
Exodus is insidious software designed with the malevolent intent of surreptitiously infiltrating Exodus wallets used to store cryptocurrency. With a devious methodology, the Exodus wallet stealer is engineered to steal the wallets and their contents, including private keys, public keys, and the cr
Our researchers discovered the easyfondsonline[.]com rogue page while inspecting untrustworthy websites. This webpage promotes spam browser notifications and generates redirects to other (likely dubious/malicious) sites. The majority of users access pages like easyfondsonline[.]com via redirects
Comscp.co[.]in is a rogue page that we found during a routine investigation of questionable websites. It operates by pushing browser notification spam and redirecting visitors to different (likely unreliable/dangerous) sites. Users primarily enter pages like comscp.co.in through redirects generate
Our research team discovered arkakunaa[.]com during a routine investigation of suspicious websites. This rogue page is designed to promote browser notification spam. Additionally, it can redirect users to other (likely untrustworthy/harmful) sites. Most visitors to arkakunaa[.]com and similar web
Upon thorough examination of abscondslab[.]com, it has been discovered that this website utilizes a deceptive strategy known as clickbait. Abscondslab[.]com employs misleading elements, encompassing textual and visual components, to coax visitors into agreeing to receive its notifications. Consequ