While examining shady websites that use rogue advertising networks, we discovered downloadwiky[.]lol - another untrustworthy page. The purpose of this site is to lure visitors into downloading a file and agreeing to receive notifications. Also, downloadwiky[.]lol may redirect visitors to other web
Bestmaxfield[.]com is a rogue page that we discovered while inspecting websites using questionable advertising networks. It operates by pushing spam browser notifications and redirecting users to different (likely untrustworthy/harmful) sites. Most visitors to bestmaxfield[.]com and webpages akin
Our examination of the Currency Helper application has uncovered its nature as a browser extension designed to hijack web browsers. This app forcefully imposes a fake search engine (currencyhelperext.com) by modifying browser settings. Moreover, Currency Helper possesses the capability to access s
While analyzing malware samples submitted to VirusTotal, we discovered Gatq, a ransomware that belongs to the Djvu family. Gatq encrypts files and appends the ".gatq" extension to the names of encrypted files. Additionally, it generates a text file named "_readme.txt", which contains a ransom note
Our team recently identified a member of the Djvu ransomware family known as Gaze during our analysis of samples on VirusTotal. Gaze encrypts data and appends the ".gaze" extension to the affected files. After the encryption process, the ransomware leaves a ransom note named "_readme.txt". The fi
During our analysis, we discovered a ransomware dubbed Gapo that utilizes file encryption and alters filenames by appending the ".gapo" extension. Additionally, it generates a ransom note in the form of the "_readme.txt" file. Our team encountered Gapo while examining various malware samples submi
After reviewing this email, our team has determined that it is a fraudulent message crafted by scammers with the intention of deceiving recipients into divulging their personal information. The email masquerades as a quotation request but actually contains a link to a phishing page that prompts vi
Warp is the name of a powerful GO-based information-stealing malware that drops an Avast anti-rootkit driver and exfiltrates stolen data via Telegram. It poses a serious threat to system security and privacy. Thus, victims should remove it from infected systems as soon as possible. Warp st
During the analysis of samples submitted to VirusTotal, our malware researchers uncovered Alphaware, a ransomware primarily employed for monetary extortion. This malicious software encrypts files, rendering them inaccessible until a ransom is paid. Furthermore, Alphaware appends the ".Alphaware"
In our examination of the AlphaLegend application, we observed intrusive advertising behavior, categorizing it as adware. Adware is often distributed through questionable and deceptive methods, making it possible for unsuspecting users to download and install it unintentionally. AlphaLeg