While investigating new submissions to the VirusTotal site, our research team discovered the Mynvhefutrx malicious program. It is part of the Snatch ransomware family. Malware within the ransomware classification is designed to encrypt files and demand ransoms for their decryption. On our test ma
Our team examined Space Spiders and found that it hijacks a web browser by changing some of its settings to search.spacespiders.net - it promotes a fake search engine. It is common for browser hijackers to be promoted using shady methods. Thus, users often add browser hijackers to their browsers i
While investigating deceptive websites, our researchers discovered an installer containing an application called Subtitles. After inspecting this piece of software, we determined that it is adware. Adware stands for advertising-supported software. Its goal is to generate revenue for its de
Cropsibagen[.]com is a rogue webpage that is designed to push spam browser notifications and redirect visitors to other (likely unreliable/harmful) sites. Users primarily enter cropsibagen[.]com and pages akin to it via redirects generated by websites utilizing rogue advertising networks. Our res
Axegrinder[.]top is the address of a rogue page. It operates by promoting browser notification spam and redirecting visitors to other (likely dubious/malicious) sites. Users primarily access pages of this kind through redirects caused by websites employing rogue advertising networks. Our research
During our examination of Flexi Search New Tab, we found that this extension functions as a browser hijacker. We learned that the purpose of Flexi Search New Tab is to promote searchflexi.com, which is a fake search engine. Flexi Search New Tab promotes searchflexi.com by taking control over a web
DesignationDrive is an adware-type application that our research team discovered while investigating new submissions to the VirusTotal website. This app is part of the AdLoad malware family. DesignationDrive is designed to feed users with unwanted/deceptive advertisements. Adware stands
Upon examination of mycaptchaspace[.]top, our team has determined that its purpose is to deceive visitors into granting permission for notification delivery. Mycaptchaspace[.]top utilizes deceptive content to obtain this permission. Our team came across mycaptchaspace[.]top while investigating dub
While inspecting malware samples submitted to VirusTotal, our team discovered DEADbyDAWN - ransomware designed to encrypt files. Also, DEADbyDAWN alters file names by replacing them with a random string of characters and appending its unique extension. It is important to note that different sample
Raasv2 is ransomware that our team discovered while examining samples submitted to VirusTotal. Our analysis revealed that Raasv2 encrypts files, renames all encrypted files, and creates the "#FILES-ENCRYPTED.txt" file (a ransom note). It prepends the decryption.helper@aol.com email address and the