Domino is a type of malware that has been utilized by cybercriminals as early as late February 2023 to disseminate either the Project Nemesis information stealer or Cobalt Strike. The perpetrators achieve their objectives through the use of a Domino backdoor and loader. The Domino campaign is prop
RTM Locker (also known as Read The Manual Locker) is ransomware that encrypts files, changes the desktop wallpaper, drops the "How To Restore Your Files.txt" file containing a ransom note, and appends 64 random characters to the filenames of all encrypted files. It is known that RTM Locker is offe
Chameleon is the name of a trojan targeting Android Operating Systems (OSes). This malware is capable of stealing information (with a particular emphasis on banking data) and performing various other malicious activities. Chameleon has been around since at least January 2023 and, at the time of w
Our team came across the Online Radio app on a dubious website, which also has an official website. Upon evaluating the application, we determined that it is a browser extension that exhibits intrusive advertisements. As a result of this conduct, we have categorized Online Radio as adware.
While analyzing malware samples submitted to the VirusTotal site, our team discovered a ransomware variant dubbed CrossLock. The purpose of CrossLock is to block access to data by encrypting it. Also, CrossLock appends the ".crlk" extension to the filenames of all encrypted files and creates the "
During our investigation of the Sports Sensei browser extension, our team discovered that it functions as a browser hijacker with the intent of promoting a fake search engine (sportsensei.info). It is common for users to download and install or add browser hijackers inadvertently. Sports Sensei an
Stablepcprotection[.]com is a rogue webpage that our researchers discovered while inspecting questionable sites. It is designed to run scams and push spam browser notifications. Furthermore, this page can redirect users to different (likely unreliable/malicious) websites. Most visitors to webpage
While investigating new submissions to VirusTotal, our researchers discovered the SDK ransomware. This malicious program is part of the Phobos ransomware family. After we executed a sample of SDK ransomware on our testing system, it encrypted files and altered their filenames. Original titles wer
Our researchers discovered the MainHandler app while inspecting new submissions to VirusTotal. An investigation of this software revealed that it is adware belonging to the AdLoad malware family. MainHandler operates by displaying various advertisements, and it may have other harmful abilities.
During the analysis of malware samples submitted to VirusTotal, our team of malware experts discovered Coty - ransomware belonging to the Djvu family. Coty encrypts data, adds the ".coty" extension to the filenames, and creates a ransom note named "_readme.txt". An example of how Coty modifies fi