During a routine inspection of new malware submissions to VirusTotal, our research team found the Lucknite (ETH) ransomware. Programs within this classification are designed to encrypt data and demand payment for the decryption tools. After being executed on our test machine, Lucknite (ETH) encry
Truebot, also known as Silence.Downloader, is a malicious program that has botnet and loader/injector capabilities. This malware can add victims' devices to a botnet and cause chain system infections (i.e., download/install additional malicious programs/components). There is significant variation
Our team has examined vividcaptcha[.]top and found that it displays a deceptive message to trick visitors into allowing it to show notifications. Also, vividcaptcha[.]top redirects visitors to a scam website. We discovered vividcaptcha[.]top while visiting pages that use rogue advertising networks
When we installed a fake Adobe Flash Player updater on our testing system, we found that it was bundled with the ProvidedSearch Rogue application. This app ran intrusive advertisement campaigns, and due to this behavior – it is categorized as adware. Additionally, we learned that ProvidedSearch
We have investigated myreqdcompany[.]com and discovered that it shows a deceptive message to lure visitors into agreeing to receive notifications. Also, myreqdcompany[.]com redirects to other websites of this type. Our team discovered myreqdcompany[.]com while inspecting pages that use rogue adver
Juli is ransomware belonging to the VoidCrypt family. We discovered this ransomware variant while inspecting malware samples submitted to VirusTotal. Juli encrypts files, appends the victim's ID, juli1990@mailfence.com email address, and the ".Juli" extension to filenames, and drops the "unlock-in
Our team has discovered a new Djvu ransomware variant called Maos while examining malware samples submitted to the VirusTotal site. Maos encrypts files and appends the ".maos" extension to filenames. It also provides a ransom note (creates a text file named "_readme.txt"). An example of how Maos
Manw is ransomware belonging to the Djvu family. We discovered Manw while examining malware samples submitted to VirusTotal. After testing the sample, we learned that Manw encrypts files and appends the ".manw" extension to their filenames. Also, it drops the "_readme.txt" file - a ransom note con
After downloading and adding the Simple AdBlock browser extension, we learned that it has parameters of advertising-supported software - it displays annoying advertisements. We discovered Simple AdBlock on a questionable website. It is worth mentioning that most users download and install adware i
Clean Notifications is the name of a rogue browser extension. It operates by modifying browser settings in order to cause redirects to the cleannotifications.com fake search engine. Additionally, this extension spies on users' browsing activity. Due to this behavior, Clean Notifications is classif