During an examination of an unreliable installer downloaded from an unreliable website, we encountered the CanisLupusLupus browser extension. The investigation unveiled concerning characteristics associated with this extension, including its ability to activate the "Managed by your organization" f
In the dynamic field of cybersecurity, an interesting new development has surfaced. Sandman, a known advanced threat actor, has introduced an unusual and complex modular backdoor. What sets this apart is its use of the LuaJIT platform, which is not commonly seen in cyber threats. This innovative m
During our analysis of malware samples on the VirusTotal page, we came across the Azop ransomware, a member of the Djvu family. Upon infiltrating a computer, this ransomware encrypts data and appends the ".azop" extension to file names. For instance, it changes "1.jpg" to "1.jpg.azop" and "2.png"
In the course of our examination of malware samples on the VirusTotal page, we encountered the Azqt ransomware, which belongs to the Djvu malware family. Upon infiltrating a computer, this ransomware encrypts files and adds the ".azqt" extension to their filenames. For example, it changes "1.jpg"
During our analysis of malware samples on the VirusTotal website, we came across the Azhi ransomware, a member of the Djvu malware family. Once it infiltrates a computer, this ransomware encrypts files and appends the ".azhi" extension to their names. For instance, it renames "1.jpg" to "1.jpg.azh
The Beach Tab is a rogue extension that promises to display beach/seaside-themed browser wallpapers. Our examination revealed that this piece of software is a browser hijacker. It makes modifications to browser settings in order to promote (through redirects) the find.allsearchllc.com fake search
Our research team discovered the PracticeCycle adware-type app while inspecting new file submissions to the VirusTotal platform. This advertising-supported software is part of the AdLoad malware family. PracticeCycle is designed to run intrusive advertisement campaigns. Adware generates
Smiley Pop Search is a browser extension that displays smileys/emojis whenever a search query is entered. However, after examining Smiley Pop Search – we determined that it is browser-hijacking software. This extension makes changes to browser settings in order to generate redirects. Brows
Escape the Alien Extension is a piece of rogue software classified as a browser hijacker. This extension is promoted as a widget that allows users to play a game on their browser. It operates by modifying browser settings in order to endorse (through redirects) the sonline-search.com fake search e
Our examination of the "SecureMailBox - Account Reconfirmation" email revealed that it is spam. Letters belonging to this campaign promote a phishing scam that targets email log-in credentials. These fake emails claim that recipients must urgently reconfirm their accounts – to avoid their deletion