Kafan is a ransomware-type program that our researchers discovered while investigating new submissions to VirusTotal. Malware within this class is designed to encrypt data and demand payment for its decryption. After we executed a sample of Kafan on our test machine, it encrypted files and append
Upon inspecting worde[.]click, we concluded that this page shows deceptive messages, downloads a file, and asks for permission to show notifications. Our team stumbled upon worde[.]click during examination of websites that use rogue advertising networks and display dubious advertisements. Users ac
Our research team discovered the DivisionType application during a routine inspection of new submissions to VirusTotal. After analyzing this app, we determined that it is adware belonging to the AdLoad malware family. Meaning that DivisionType operates by running intrusive advertisement campaign
While inspecting Skynetlock, our team discovered that it is one of the ransomware variants belonging to the MedusaLocker family. We found Skynetlock while checking the VirusTotal site for recently submitted malware samples. The purpose of Skynetlock is to encrypt files. Additionally, Skynetlock a
Raspberry Robin is a highly sophisticated malware (worm) known for evading detection and employing unique tactics. In the past year, it has become one of the most widely distributed malware in use by various threat actors to distribute other malicious software, including Clop ransomware and IcedID
Our research team discovered the Gold ransomware-type program while investigating new malware submissions to VirusTotal. This malicious program is part of the Xorist ransomware family. Once we launched a sample of Gold (Xorist) ransomware on our testing system, it began encrypting files and chang
Our investigation revealed that Yearn New Tab is a browser extension designed to hijack a web browser by changing some of its settings. Also, Yearn New Tab can read various data. A big part of browser-hijacking apps is promoted and distributed using shady methods. Thus, users often download and ad
Kmbgdftfgdlf is ransomware belonging to the Xorist family. Our team discovered Kmbgdftfgdlf while analyzing malware samples on the VirusTotal page. Since Kmbgdftfgdlf is ransomware, it encrypts data to make it inaccessible to victims. Also, Kmbgdftfgdlf appends the ".kmbgdftfgdlf" extension to fi
During our investigation into dubious websites that falsely indicate outdated software, we came across RecordConsole, which upon downloading and installation, proved to be of no practical use and instead displayed irritating advertisements. For this reason, our team classified RecordConsole as a
While inspecting suspicious sites, our researchers discovered the Ultimate Files Downloader browser extension. It is presented as a download management tool. However, our inspection of Ultimate Files Downloader revealed that it operates as advertising-supported software (adware). Adware is