During our examination of malware samples submitted to VirusTotal, we came across Ahgr, a ransomware variant that is part of the Djvu family. Ahgr encrypts files and modifies their names by adding the ".ahgr" extension. Furthermore, it creates a ransom note as a text file named "_readme.txt". Her
During our analysis of malware samples submitted to VirusTotal, we came across Ahui, ransomware belonging to the Djvu family. Ahui blocks access to files by encrypting them and alters their filenames by appending a new extension (".ahui"). Furthermore, it generates a ransom note (a text file named
Our research team discovered the fastcheck[.]top rogue page during a routine investigation of questionable websites. It is designed to push spam browser notifications and generate redirects to other (likely dubious/malicious) sites. Users typically access webpages via redirects caused by websites
Dollarsurvey[.]top is a rogue webpage that we discovered while investigating untrustworthy sites. It is designed to endorse dubious content and browser notification spam. Additionally, this page can redirect users to different (likely unreliable/harmful) websites. Visitors to dollarsurvey[.]top a
While investigating websites utilizing questionable advertising networks, we encountered ronadforyousystems[.]com. This site employs a clickbait technique to trick visitors into permitting it to show notifications (ads). Moreover, this site may redirect visitors to other unreliable websites. There
Our researchers discovered the centrumbook[.]com rogue page during a routine investigation of suspicious websites. It operates by promoting browser notification spam and redirecting visitors to other (likely untrustworthy/dangerous) sites. Most users enter webpages like centrumbook[.]com through
During our investigation of the Wingman Clock browser extension, we discovered that it operates as a browser hijacker - it is designed to modify web browser settings. Our team encountered Wingman Clock on a suspicious website. It is unusual for users to download and install (or add) browser hijack
Dating-universe[.]top is a rogue webpage that promotes browser notification spam and redirects visitors to other (likely unreliable/malicious) sites. We discovered this page after investigating a spam email. In addition to such mail, visitors to websites like dating-universe[.]top access them pri
Our testing of the Kryopage browser extension uncovered that it functions as a browser hijacker. The primary objective of this application is to alter the settings of web browsers. Our team came across Kryopage on a dubious website. It is uncommon for users to download and add browser hijackers in
Dariolelab[.]com has been identified as an untrustworthy website that employs clickbait to deceive visitors into subscribing to its notifications. Our team discovered dariolelab[.]com while investigating websites that utilize rogue advertising networks. It is crucial to note that the majority of u