Raspberry Robin is a highly sophisticated malware (worm) known for evading detection and employing unique tactics. In the past year, it has become one of the most widely distributed malware in use by various threat actors to distribute other malicious software, including Clop ransomware and IcedID
Our research team discovered the Gold ransomware-type program while investigating new malware submissions to VirusTotal. This malicious program is part of the Xorist ransomware family. Once we launched a sample of Gold (Xorist) ransomware on our testing system, it began encrypting files and chang
Our investigation revealed that Yearn New Tab is a browser extension designed to hijack a web browser by changing some of its settings. Also, Yearn New Tab can read various data. A big part of browser-hijacking apps is promoted and distributed using shady methods. Thus, users often download and ad
Kmbgdftfgdlf is ransomware belonging to the Xorist family. Our team discovered Kmbgdftfgdlf while analyzing malware samples on the VirusTotal page. Since Kmbgdftfgdlf is ransomware, it encrypts data to make it inaccessible to victims. Also, Kmbgdftfgdlf appends the ".kmbgdftfgdlf" extension to fi
During our investigation into dubious websites that falsely indicate outdated software, we came across RecordConsole, which upon downloading and installation, proved to be of no practical use and instead displayed irritating advertisements. For this reason, our team classified RecordConsole as a
While inspecting suspicious sites, our researchers discovered the Ultimate Files Downloader browser extension. It is presented as a download management tool. However, our inspection of Ultimate Files Downloader revealed that it operates as advertising-supported software (adware). Adware is
Our research team discovered the Tab Manager browser extension while inspecting deceptive websites. This piece of software supposedly has the ability to close all browser tabs at once, regardless of their type (e.g., incognito, pinned, etc.). However, our analysis of this extension revealed that i
We discovered the suggestonlineweb.com fake search engine while investigating browser-hijacking software. Websites of this kind are typically incapable of providing search results, and while suggestonlineweb.com can – they are irrelevant and include sponsored and potentially harmful content. In m
While examining the ChatSAI application, our team found that it functions as a browser hijacker. The purpose of this app is to force users to use chatsai.nextjourneyai.com - a fake search engine. ChatSAI achieves this by modifying the settings of a web browser. It is worth noting that users tend t
While investigating suspicious websites, our research team discovered the "McAfee - A Virus Has Been Found On Your PC!" scam. This deceptive content is disguised as the McAfee anti-virus, and it must be stressed that the actual McAfee Corp. is not associated with this scheme. "McAfee - A Virus Ha