Our research team discovered the HentaiLocker malicious program while checking out new submissions to VirusTotal. This software is classified as ransomware. It operates by encrypting data and demanding payment for the decryption. On our testing system, HentaiLocker encrypted files and renamed the
BLOCKY is ransomware that blocks access to files by encrypting them. It also appends the ".locked" extension to the filenames of encrypted files, changes the desktop wallpaper, and creates the "READ_IT.txt" text file that contains a ransom note. We have discovered BLOCKY ransomware while checking
Btnw is the name of ransomware that our team has discovered while analyzing malware samples submitted to VirusTotal. We found that Btnw belongs to a ransomware family called Djvu. Ransomware variants belonging to this family are often distributed alongside information stealers such as RedLine and
OperativeInfluence is a rogue app that our research team discovered while inspecting new submissions to VirusTotal. We determined that this application operates as adware and belongs to the AdLoad malware family. Adware stands for advertising-supported software. It enables the placement
While inspecting new submissions to VirusTotal, we discovered the LaserMacroKnowledge application. After analyzing this piece of software, we determined that it is adware. It is pertinent to mention that this app is part of the AdLoad malware family. Adware runs intrusive advertisement c
Masscan is a ransomware-type program designed to encrypt data and demand ransoms for the decryption keys/tools. There are three variants of this malware, referred to as "F", "G", and "R". Masscan appends the encrypted files with an extension differing by a letter between the ransomware versions,
Our team has inspected captchaglow[.]top and found that it is a deceptive website designed to trick visitors into agreeing to receive notifications and redirect them to other untrustworthy pages. We have discovered captchaglow[.]top while visiting sites that use shady advertising networks.
CryptoArch is a ransomware-type program. Malware within this category typically operates by encrypting data and making ransom demands for the decryption tools. After launching CryptoArch on our test machine, we learned that it does not encrypt files. What this ransomware does is wipe the files –
We have tested privatesearches.org and found that it is a shady search engine that can show misleading results. Our team has discovered privatesearches.org after installing a fake Google Docs application downloaded from a deceptive page. The fake Google Docs app promotes privatesearches.org by hi
While checking out dubious websites, our researchers discovered the arachidenews[.]com rogue webpage. During our inspection, we found two variants of this page, both of which employed fake CAPTCHA verification to deceive visitors into enabling spam browser notification delivery. Additionally, arac