While investigating new submissions to the VirusTotal website, our research team found the FAST ransomware. Malicious programs within this classification are designed to encrypt data and demand ransoms for its decryption. On our test machine, FAST encrypted files and altered their filenames. Orig
During our investigation of suspicious advertising networks, our team came across sadrettinnow[.]com This website is specifically designed to deceive users into subscribing to its notifications and can redirect visitors to similar pages. It is uncommon for users to visit such pages intentionally.
During our investigation of the Fast Cars Tab extension, we discovered that it seizes control of web browsers by making changes to their settings. The primary objective of this browser-hijacking extension is to endorse a deceptive search engine known as fastcarstab.com. Furthermore, there is a pos
Browser Cleaner Pro is marketed as a powerful tool designed to effectively clean browsing data and cookies. However, while testing this browser extension, our team noticed that it delivers intrusive advertisements. For this reason, we classified Browser Cleaner Pro as adware (advertising-supported
During our analysis of malware samples on VirusTotal, we came across a member of the Djvu ransomware family dubbed Vaze. This particular ransomware encrypts files and modifies their original filenames by appending the ".vaze" extension. It also leaves a ransom note, a text file named "_readme.txt"
Vapo is ransomware belonging to the Djvu family that encrypts files on the victim's computer and requests a ransom payment in exchange for decryption tools. Our team discovered Vapo during an assessment of newly submitted malware samples on VirusTotal. It is worth noting that Vapo may be distribut
While investigating untrustworthy websites, our research team discovered the Play Audio browser extension. It is promoted as a tool that enables users to listen to any audio format on the Web. After analyzing this piece of software, we determined that it is adware. Play Audio runs intrusive adver
"Alert! - Suspension Notification" is a spam email. This scam letter makes false claims regarding the suspension of the recipient's email account. Its goal is to trick recipients into disclosing their account log-in credentials to a phishing website. The spam email with the subject "Kindly
After investigating the "Payment Confirmation" email, we determined that it is spam. Allegedly containing documentation relating to the confirmation of a payment, this fake letter actually has a phishing file attached to it. This file targets account log-in credentials (usernames/passwords).
Captchagenius[.]top is a rogue webpage that we discovered while investigating suspicious sites. It operates by promoting browser notification spam and redirecting visitors to different (likely unreliable/harmful) pages. Users primarily enter captchagenius[.]top and similar webpages via redirects