During a routine inspection of new submissions to the VirusTotal website, our research team discovered the Alock ransomware-type program. It is part of the MedusaLocker ransomware family. On our test system, Alock ransomware encrypted files and appended their filenames with a ".alock" extension.
While investigating rogue websites, our research team discovered the "Clop Ransomware.dll" technical support scam. Presented as Microsoft/Windows, this scam falsely claims that users' computers are infected to trick them into calling fake support lines. Typically, these scams involve remote access
BLACK ICE ransomware is a type of malware designed to encrypt data and demand ransoms for its decryption. Additionally, this program uses double extortion tactics. After we executed a sample of BLACK ICE on our test machine, it encrypted files and appended their filenames with a ".ICE" extension.
INC is a ransomware-type program designed to encrypt data and demand payment for decryption. On our test machine, this malware encrypted files and appended their filenames with a ".INC" extension. To elaborate, a file initially named "1.jpg" appeared as "1.jpg.INC", "2.png" as "2.png.INC", and so
Re-captha-version-3-21[.]top is the address of a rogue site that promotes browser notification spam and redirects visitors to different (likely unreliable/malicious) webpages. Most users access pages like re-captha-version-3-21[.]top via redirects caused by websites utilizing rogue advertising ne
ZestyPeak is a rogue app that we discovered while investigating new submissions to VirusTotal. When we examined this application, we found that it is advertising-supported software (adware) belonging to the AdLoad malware family. ZestyPeak operates by running intrusive advert campaigns to genera
While investigating dubious webpages, our research team found the MySites browser extension. This piece of software promises to provide quick access to users' most frequently visited websites. Our analysis revealed that this extension alters browser settings in order to generate redirects to the g
Our researchers found the LookupLauncher rogue application during a routine inspection of new submissions to the VirusTotal site. After examining LookupLauncher, we determined that it is advertising-supported software (adware) belonging to the AdLoad malware family. Adware is designed to
Harward is the name of a ransomware-type program. It operates by encrypting files and demanding payment for their decryption. After we executed a sample of this ransomware on our testing system, it encrypted files and altered their filenames. Original titles were appended with the attackers' emai
Mobiledevice-protection[.]com is a rogue webpage that we discovered while inspecting dubious sites. It is designed to endorse scams and browser notification spam. Additionally, this page can redirect visitors to different (likely untrustworthy/hazardous) websites. Users primarily access webpages