Tnwkgbvl is ransomware that our team discovered while examining malware samples submitted to VirusTotal. We found that Tnwkgbvl belongs to the Snatch ransomware family. The purpose of Tnwkgbvl is to make files inaccessible by encrypting them. Also, Tnwkgbvl creates a ransom note ("HOW TO RESTORE Y
Targeting macOS users, ShadowVault is an information-stealing malware. Its creators market and sell it on a hacker forum at a price of $500 per month. This malicious software is capable of extracting sensitive data from web browsers, files stored on compromised computers, as well as data from cr
DefaultOptimization is an adware-type application belonging to the AdLoad malware family, which our research team discovered while investigating new submissions to the VirusTotal site. This app is designed to display advertisements that primarily promote deceptive/malicious content. Adwa
Our researchers discovered the Anti-us ransomware during a routine inspection of new submissions to VirusTotal. This malware is designed to encrypt data and demand payment for its decryption. After we executed a sample of Anti-us on our testing system, it encrypted files and appended their filena
While investigating suspicious websites, our researchers came upon the "Win Mac Book M2" scam. It claims that the visitor can win a prize by providing their data to the sponsored site. At the time of research, this scheme promoted a phishing webpage that targets email addresses. The scam c
After examining the "Your E-mail Will Be Closed" spam letter, we determined that it is malspam. This fake message claims that the recipient's email account will be terminated unless it is updated. The goal is to lure the recipient into opening the malicious attachment, which is designed to infect
Our analysis uncovered that goghoordsurvey[.]top is an unreliable website involved in a survey scam. Also, this website attempts to prompt users to enable notifications and redirects them to other shady websites. It is crucial to emphasize that users do not deliberately visit sites like goghoordsu
Our researchers discovered the ComplexPortal application while inspecting new submissions to the VirusTotal website. After investigating this app, it operates as advertising-supported software (adware). ComplexPortal is part of the AdLoad malware family. Adware is designed to generate re
ThirdEye is the name of an information stealer targeting Windows users. Although this malware is not classified as highly advanced, its primary objective is to extract sensitive information from compromised systems. The stolen data can serve as a foundation for subsequent cyber attacks. Th
DARKKUR is the name of a ransomware-type program. Malware within this category is designed to encrypt data and demand payment for its decryption. DARKKUR appends the filenames of encrypted files with a unique ID assigned to the victim, the cyber criminals' email address, and an extension. The ext