Our researchers discovered the Gash ransomware while inspecting new submissions to VirusTotal. This malicious program belongs to the Djvu ransomware family. After we launched a sample of Gash on our test machine, it encrypted files and appended their filenames with a ".gash" extension. For exampl
Upon inspection, we have determined that the email is a phishing attempt disguised as a letter regarding an order. Clicking on the links within the email opens a phishing page, a fraudulent website created to extract sensitive information from unsuspecting visitors. This phishing email app
After inspecting "Server Security Alert", we determined that it is a phishing email. This spam letter claims that due to the inbox storage limit having been reached, incoming messages have failed delivery. The recipient is instructed to clear the old emails through a promoted fake sign-in webpage.
Newlocker is ransomware belonging to the MedusaLocker family. Our team discovered Newlocker while examining malware samples submitted to the VirusTotal page. Newlocker encrypts files, appends the ".newlocker" extension to filenames, and creates the "HOW_TO_RECOVER_DATA.html" file containing a rans
Our research team discovered the Solix ransomware during a routine investigation of new submissions to the VirusTotal site. Malware within this classification is designed to encrypt data and demand payment for its decryption. After we executed a sample of Solix on our test machine, it encrypted f
Upon our examination of the Style Guru application, this extension was found to function as a browser hijacker. It modifies certain settings of the web browser to point to prosearchsolutionz.com, which is a shady search engine. Both Style Guru and prosearchsolutionz.com should not be trusted.
During our testing of the Up 2 Date browser extension, we discovered that it functions as a browser hijacker. The extension takes control of the user's browser by modifying certain settings, leading to the use of finddbest.co. The main objective of the Up 2 Date extension is to promote a fake sear
Suffering is ransomware that encrypts files, drops the "how_to_back_files.html" file (a ransom note), and appends the ".Suffering" extension to filenames. Our malware researchers discovered Suffering while checking the VirusTotal site for recently submitted malware samples. An example of how Suff
During our analysis of The Stage browser extension, we discovered that it seizes control of a web browser by altering its settings. The primary objective of this browser-hijacking application is to endorse a fake search engine known as finddbest.co. Moreover, The Stage could be intended to accumul
Ritingsynther[.]com is a rogue page that we discovered while inspecting suspicious websites. It is designed to promote spam browser notifications and redirect users to other (likely untrustworthy/dangerous) sites. Users primarily access webpages like ritingsynther[.]com via redirects generated by