While examining new submissions to the VirusTotal website, our researchers discovered the btc-A ransomware. This malicious program belongs to the Xorist ransomware family. When we launched a sample of this ransomware on our test system, it encrypted files and appended their titles with a ".btc-Ap
Our research team found the Amazon Rain Forest - New Tab Search browser extension while investigating deceptive webpages. This extension is endorsed as a tool that displays browser wallpapers depicting the Amazon rainforest. After analyzing this piece of software, we determined that it is a brows
Convert Page to PDF browser extension is advertised as a tool that allows users to convert a web page into a PDF file simply by clicking on its icon. However, during our examination, we noticed that Convert Page to PDF app displays annoying advertisements. Thus, we classified this program as adwar
Upon analyzing the email, our team has determined that its purpose is to trick recipients into revealing their personal information. Such letters are called phishing emails. The email in question urges recipients to review certain documents, but in reality, it is a fraudulent message that should b
GAZPROM is a malicious program that uses CONTI ransomware's code. Malware within the ransomware classification operates by encrypting data for the purpose of demanding ransom for its decryption. After we executed a sample of GAZPROM on our testing system, it encrypted files and appended their fil
Upon examining this email, we have discovered that it is a phishing scam that masquerades as a notification from the South African Post Office. The objective of this fraudulent email is to trick the recipients into accessing a bogus website and divulging their personal information. Therefore, it i
Rec_rans is the name of malware that operates as ransomware. Our team discovered it while examining malware samples on VirusTotal. Rec_rans encrypts files on the infected computer, changes the desktop wallpaper, drops the "HOW_TO_RECOVERY_FILES.txt" file containing a ransom note, and adds the ".re
BlackSuit is ransomware - malware that prevents victims from accessing their files by encrypting them. BlackSuit targets Windows and Linux users. In addition to encrypting data, this ransomware changes the desktop wallpaper, creates the "README.BlackSuit.txt" file (a ransom note), and renames file
Upon investigation of Sticky Note Board Extension, we found that it is an extension for web browsers that is intended to boost the visibility of a fake search engine known as search.notesticky-extension.com. This is achieved by seizing control of the browser settings. Apps that operate like Sticky
Econsultingcoem[.]com is a rogue page that we discovered while inspecting dubious sites. This website promotes browser notification spam and redirects users to other (likely unreliable/dangerous) pages. Visitors to econsultingcoem[.]com and sites akin to it – access them primarily through redirec