During our analysis of malware samples on VirusTotal, we came across a member of the Djvu ransomware family dubbed Vaze. This particular ransomware encrypts files and modifies their original filenames by appending the ".vaze" extension. It also leaves a ransom note, a text file named "_readme.txt"
Vapo is ransomware belonging to the Djvu family that encrypts files on the victim's computer and requests a ransom payment in exchange for decryption tools. Our team discovered Vapo during an assessment of newly submitted malware samples on VirusTotal. It is worth noting that Vapo may be distribut
While investigating untrustworthy websites, our research team discovered the Play Audio browser extension. It is promoted as a tool that enables users to listen to any audio format on the Web. After analyzing this piece of software, we determined that it is adware. Play Audio runs intrusive adver
"Alert! - Suspension Notification" is a spam email. This scam letter makes false claims regarding the suspension of the recipient's email account. Its goal is to trick recipients into disclosing their account log-in credentials to a phishing website. The spam email with the subject "Kindly
After investigating the "Payment Confirmation" email, we determined that it is spam. Allegedly containing documentation relating to the confirmation of a payment, this fake letter actually has a phishing file attached to it. This file targets account log-in credentials (usernames/passwords).
Captchagenius[.]top is a rogue webpage that we discovered while investigating suspicious sites. It operates by promoting browser notification spam and redirecting visitors to different (likely unreliable/harmful) pages. Users primarily enter captchagenius[.]top and similar webpages via redirects
Upon investigation, we determined that this email is a phishing scam disguised as a notification from an email service provider featuring a link to a deceptive website. Therefore, we have categorized it as a phishing email. Typically, scammers employ such emails to trick recipients into revealing
Nature-Newtab is a rogue browser extension that our research team found while investigating suspect sites. It operates by making changes to browser settings in order to promote (through redirects) the api.nature-newtab.com illegitimate search engine. Due to this behavior, Nature-Newtab is categori
Upon conducting tests on bestsearch.ai, we discovered that the search engine is unreliable and produces questionable results, often including advertisements. Such search engines are commonly associated with browser hijackers, which promote them by modifying web browser settings. Bestsearch
Pikabot, also known as PikaBot and iPikaBot, is a malicious program. It is classed as loader-type malware. Pikabot is designed to cause chain infections. In other words, it can download/install additional malicious programs or components. Pikabot employs various anti-analysis techniques, i