During our investigation of malware samples on the VirusTotal platform, we came across a ransomware variant known as Kitu. This particular ransomware utilizes file encryption to restrict access to files and appends the ".kitu" extension to filenames. Furthermore, it creates a ransom note called "_
During a routine inspection of untrustworthy websites, our researchers discovered the iamadssystems[.]com rogue page. It promotes browser notification spam and redirects users to other (likely dubious/malicious) sites. Most visitors to iamadssystems[.]com and similar webpages access them through
Smartshopsearch.com is the address of an illegitimate search engine. Websites of this kind are typically promoted by browser hijackers. This software modifies browser settings in order to cause redirects to endorsed sites. Additionally, fake search engines and browser hijackers usually have data-t
Our research team discovered the obsidiancutter[.]top rogue webpage while investigating untrustworthy sites. This page is designed to promote browser notification spam and redirect visitors to other (likely unreliable/harmful) websites. Most users access obsidiancutter[.]top and webpages akin to
Babylon is the name of a Remote Access Trojan (RAT). This program is designed to allow remote access and control over infected machines. Like most trojans of this kind, Babylon is multi-functional. It can perform various commands on compromised devices, and as such, it is deemed to be a high-risk
After examining the "American Express Merchant Reward" email, we determined that it is fake. This spam letter claims that the recipient has an incoming payment, to receive which – they must update and verify their account. It must be emphasized that this phishing mail is in no way associated with
While examining this page, we noticed that shows misleading content to trick visitors into agreeing to receive notifications. Also, mountaincaller[.]top redirects visitors to similar websites. Thus, it is highly advisable not to visit mountaincaller[.]top. It is worth mentioning that users rarely
While investigating new submissions to the VirusTotal site, our research team discovered the Black Hunt 2.0 ransomware. This malicious program encrypts data and demands ransoms for its decryption. On our test machine, Black Hunt 2.0 encrypted files by appending their filenames with a unique ID as
Our investigation revealed that this email is a phishing attempt, cleverly disguised as a letter from an email service provider. The scammers intend to deceive recipients into divulging sensitive personal information. To achieve this, they utilize a phishing website. The email claims that
Cactus is ransomware that encrypts data, provides a ransom note ("cAcTuS.readme.txt"), and appends the ".CTS1" extension to filenames. For instance, it renames "1.jpg" to "1.jpg.CTS1", "2.png.CTS1", and so forth. Cactus can use different encryption modes. Depending on the encryption mode used, Ca