While analyzing malware samples submitted to the VirusTotal site, our team discovered a ransomware variant dubbed CrossLock. The purpose of CrossLock is to block access to data by encrypting it. Also, CrossLock appends the ".crlk" extension to the filenames of all encrypted files and creates the "
During our investigation of the Sports Sensei browser extension, our team discovered that it functions as a browser hijacker with the intent of promoting a fake search engine (sportsensei.info). It is common for users to download and install or add browser hijackers inadvertently. Sports Sensei an
Stablepcprotection[.]com is a rogue webpage that our researchers discovered while inspecting questionable sites. It is designed to run scams and push spam browser notifications. Furthermore, this page can redirect users to different (likely unreliable/malicious) websites. Most visitors to webpage
While investigating new submissions to VirusTotal, our researchers discovered the SDK ransomware. This malicious program is part of the Phobos ransomware family. After we executed a sample of SDK ransomware on our testing system, it encrypted files and altered their filenames. Original titles wer
Our researchers discovered the MainHandler app while inspecting new submissions to VirusTotal. An investigation of this software revealed that it is adware belonging to the AdLoad malware family. MainHandler operates by displaying various advertisements, and it may have other harmful abilities.
During the analysis of malware samples submitted to VirusTotal, our team of malware experts discovered Coty - ransomware belonging to the Djvu family. Coty encrypts data, adds the ".coty" extension to the filenames, and creates a ransom note named "_readme.txt". An example of how Coty modifies fi
BinaryOptimizer is a rogue application that our research team discovered while inspecting new submissions to VirusTotal. After analyzing this app, we determined that it is adware. It is also pertinent to mention that BinaryOptimizer belongs to the AdLoad malware family. Adware stands for
Greatcaptchanow[.]top and the variants of this domain as well as those related to it (e.g., greatcaptchasnow[.]top, etc.) belong to rogue websites, which we discovered during a routine inspection of untrustworthy sites. These pages are designed to host questionable content and promote browser not
LockBit is the name of a ransomware targeting Mac Operating Systems (OSes). It is associated with the LockBit ransomware gang – the developers of LockBit, LockBit 2.0, LockBit 3.0, and various other variants. The aforementioned malware target Windows, Linux, and VMware ESXi servers. At the time
Recov is ransomware belonging to the VoidCrypt family. Our malware researchers discovered Recov while examining malware samples submitted to VirusTotal. They found that Recov encrypts data, modifies filenames, and drops a ransom note ("Dectryption-guide.txt"). Recov appends the victim's ID, an em