During our investigation, we uncovered that atkatj[.]com employs a deceptive tactic to obtain permission to display notifications. Additionally, this website redirects visitors to other pages. Our interaction with atkatj[.]com took place while analyzing pages linked to untrustworthy advertising ne
Theactualblog[.]com is a rogue page that we discovered while investigating untrustworthy websites. It is designed to push spam browser notifications and redirect visitors to different (likely unreliable/harmful) sites. Most visitors to theactualblog[.]com and webpages akin to it – access them via
8base is ransomware belonging to the Phobos family. Our malware researchers discovered 8base while checking the VirusTotal page for recently uploaded malware samples. The purpose of 8base is to encrypt files. Also, it provides two ransom notes ("info.hta" and "info.txt") and modifies filenames. 8
Gh0stBins is the name of a sophisticated Remote Access Trojan (RAT) written in the C++ programming language. Malware classed as such is designed to enable remote access and control over compromised machines. RATs are highly versatile malicious tools capable of performing a variety of actions on in
Tghz is a variant of the Djvu ransomware family that our malware researchers discovered during their analysis of samples submitted to VirusTotal. Ransomware is malicious software that encrypts files, and in the case of Tghz, it also adds the ".tghz" extension to the filenames of the encrypted file
During our analysis of samples on VirusTotal, our team discovered a new variant of the Djvu ransomware family called Tgpo. This particular variant encrypts data and adds the ".tgpo" extension to the affected files. The ransomware leaves a ransom note named "_readme.txt" after the encryption proces
Our team has recently uncovered a new addition to the Djvu ransomware family dubbed Tgvv. Tgvv is a malicious program designed to encrypt files, making them inaccessible to victims. Our discovery of Tgvv occurred during the analysis of samples submitted to the VirusTotal website. It is crucial to
While reviewing new submissions to the VirusTotal website, our researchers discovered the OriginalConnection app. This piece of software operates as adware. It also belongs to the AdLoad malware family. Adware stands for advertising-supported software. It is designed to generate revenue
While investigating dubious websites, our research discovered the Motorcycles Wallpaper browser extension. It displays high-quality motorcycle-themed browser wallpapers. However, after examining this piece of software, we determined that it is a browser hijacker. Motorcycles Wallpaper modi
While investigating suspicious websites, our research team discovered Focusio. This browser extension makes changes to browser settings in order to generate redirects to promoted sites. Additionally, Focusio spies on users' browsing activity. Due to this behavior, it is classified as a browser hij