During our examination of malware samples submitted to VirusTotal, we discovered ransomware belonging to the Xorist family dubbed WiKoN. This ransomware encrypts files, appends the ".WiKoN" extension to filenames, changes the desktop wallpaper, creates the "HOW TO DECRYPT FILES.txt" file (a ransom
Upon inspection, we have determined that this email is fraudulent and contains an attachment. It intends to mislead unsuspecting individuals into divulging personal information. Such emails are referred to as phishing emails. It is advised that recipients disregard such emails. This email
After analyzing justcoolcaptcha[.]top, we discovered that this website displays a deceptive message and requests authorization to display notifications. Also, justcoolcaptcha[.]top may redirect to other sites of this kind. We came across justcoolcaptcha[.]top while scrutinizing sites that employ f
While checking the VirusTotal website for recently submitted malware samples, we discovered Charmant ransomware. This malware encrypts data, appends the ".charmant" extension to filenames, and creates a ransom note (the "#RECOVERY#.txt" file). An example of how Charmant renames files: it changes
Upon our investigation of the ExpandedOrigin application, we found that it exhibits intrusive advertising behavior, leading us to classify ExpandedOrigin as adware. Adware is frequently distributed through questionable and deceptive means, making it easy for unsuspecting users to download and in
Our recent analysis of malware samples submitted to VirusTotal has revealed the emergence of a new member of the Djvu ransomware family called Nitz. Its primary objective is to encrypt files on the compromised device and modify their filenames by adding the ".nitz" extension. Also, Nitz generates
While analyzing malware samples submitted to VirusTotal, our team came across Nifr ransomware, which belongs to the Djvu family. Upon infecting a computer, Nifr encrypts files and adds the ".nifr" extension to their filenames. For instance, a file originally named "1.jpg" would be renamed to "1.jp
The malware researchers in our team detected Niwm, a ransomware that falls under the Djvu family, during their analysis of samples that were submitted to VirusTotal. Ransomware is a malicious software that encrypts files, and in the case of Niwm, it appends ".niwm" extension to the original filena
After examining the Flash-Search browser extension, our team has determined that it operates as a browser hijacker. The primary aim of this program is to promote flash-search.xyz, a fake search engine. To accomplish this, Flash-Search alters the settings of the user's browser. Once added,
Upon scrutinizing the letter, we have concluded that it is a fraudulent email that has been created by scammers with the intention of tricking recipients into contacting them. The email is disguised as a communication from Microsoft and includes a fake customer support number. We strongly advise r