The purpose of grakorte[.]com is to trick visitors into agreeing to receive notifications from it. Additionally, grakorte[.]com may redirect visitors to other untrustworthy pages. Our team discovered grakorte[.]com while inspecting web pages that utilize rogue advertising networks. Grakort
We inspected yourcoolwords[.]com and found that this page presents a deceptive message to lure visitors into allowing it to show/send notifications. Also, yourcoolwords[.]com redirects visitors to other websites. We encountered yourcoolwords[.]com while exploring sites that use shady advertising n
Hairysquid is ransomware that encrypts files and appends the ".Hairysquid" extension to the filenames of the encrypted files. Hairysquid is a new variant of the Mimic ransomware. In addition to encrypting files, Hairysquid creates a ransom note (the "READ_ME_DECRYPTION_HAIRYSQUID.txt" file). An e
Upon downloading and installing PromotePower, our team discovered that its main function is to display bothersome advertisements, leading us to classify it as adware. It is important to note that users often unwittingly download and install adware without understanding the potential consequences
While examining the SAI assistant browser extension, we noticed that it modifies the settings of a web browser to promote a fake search engine (search.extjourney.com). Thus, we classified AI assistant as browser hijacker. Additionally, AI assistant can read various data. Users should not download
Sus is ransomware that our team discovered while checking malware samples submitted to the VirusTotal page. We found that Sus is based on Chaos ransomware. Sus encrypts data, appends the ".sus" extension to filenames of all encrypted files, and drops a ransom note (the "read_it.txt" file). An exa
MacStealer is a type of information-stealing software that can obtain login credentials, cookies, and documents from a victim's web browser. It targets macOS versions from Catalina onwards, and can infect computers that use Intel M1 and M2 CPUs. MacStealer is for sale for $100 on a hacker forum.
Skynet is one of the ransomware variants belonging to the MedusaLocker family. Our malware researchers discovered Skynet while analyzing malware samples submitted to the VirusTotal site. The purpose of Skynet is to encrypt files on the infected computer. Also, Skynet creates the "Instructions for
While examining search-alpha.com, we learned that it is a fake search engine that shows results from other search engines. Search-alpha.com is another variant of searchmarquis.com. Fake search engines are promoted mainly through browser hijackers that modify the settings of web browsers. Thus, i
Dark Power is ransomware that prevents victims from accessing files by encrypting them. Also, Dark Power creates the "readme.pdf" file which contains a ransom note. Additionally, it appends the ".dark_power" extension to filenames (e.g., it renames "1.jpg" to "1.jpg.dark_power", "2.png" to "2.png.