Our research team discovered CryptoTorLocker while investigating new malware submissions to VirusTotal. This malicious program is a variant of the CryptoLocker ransomware. Software within the ransomware classification encrypts data and demands payment for its decryption. After we executed a sampl
Lntriguingdate[.]com is a rogue page that we discovered while checking out untrustworthy websites. It is designed to load dubious content and promote browser notification spam. Furthermore, this webpage can redirect visitors to other (likely dubious/malicious) sites. Most users access pages like
Our team has examined searchontec.com and learned that it is a shady search engine that may provide questionable search results. Another issue with search engines of this kind is that a big part of them is promoted via browser hijackers. It is common for browser-hijacking apps to be promoted and d
Quick access to Chat GPT is the name of a fake Chrome extension designed to steal Facebook accounts. Although most of the targeted accounts are used for business/advertising, regular users are also at risk. It is being advertised on Facebook-sponsored posts as a tool allowing users to quickly acce
After examining this letter, we concluded that it is a fake letter from DHL - a legitimate logistics company providing courier, package delivery, and express mail service. Cybercriminals behind this email aim to trick recipients into infecting their computers with malware via the attached archive
Valyria is a detection name used by many security vendors. Files of various formats, including (but not limited to) malicious Microsoft Office documents, VBS, JavaScript, EXE, and others – can be detected as "Valyria". Typically, this detection indicates that the file is a dropper. These types of
After inspecting the "Payment Via ATM Visa Card Will Be Shipped" email, we determined that it is spam. This fake letter is presented as a missive from the "Executive Office of the President United States American" (mistyped the same in the original) and even the 46th president of the USA – Joe Bid
DrWeb is ransomware belonging to the Xorist family. Our malware researchers discovered DrWeb during an analysis of malware samples submitted to the VirusTotal website. DrWeb encrypts files, appends the ".DrWeb" extension to filenames, displays an error pop-up window and creates the "КАК РАСШИФРОВА
We have inspected this email and determined that it is a fake letter from an email service provider. Scammers behind this email aim to lure unsuspecting recipients into providing personal information on a phishing page. Recipients of this (or any similar) email should not open the provided site an
While investigating suspicious websites, we found the Download pro browser extension. It is promoted as a tool that aids with the management of download histories. However, our analysis of Download pro revealed that it operates as adware. Adware stands for advertising-supported software. I