While inspecting new submissions to VirusTotal, our research team discovered a malicious program named F**ked (title censored throughout the article, the asterisks stand for the letters "u" and "c", respectively). This program belongs to the Chaos ransomware family. Malware within the ransomware c
"Webmail Account Maintenance" is a spam email presented as a notification from Webmail. The fake letter states that the recipient's email account will be blocked due to unresolved maintenance issues. This spam mail promotes a phishing website targeting email account log-in credentials. The
Zaraza is the name of a stealer-type malware. Programs within this classification operate by extracting (stealing) information from infected systems and installed applications. Stealers can target specific details or a broad range of data. Regardless, malware like Zaraza poses serious threats to u
After examining ytgoconverter[.]com, we concluded that this page offers to download videos from YouTube, wants to show notifications, and uses shady advertising networks. It is important to mention that downloading videos from YouTube without permission from the copyright holder is generally not l
Our research team discovered an installation setup containing a browser hijacker named "Ring" while inspecting deceptive sites. Typically, software within this category makes alterations to browser settings. However, Ring does not modify browsers to promote the dmiredindee.com fake search engine.
We have determined that searchtonow.com is a dubious search engine that could present misleading results and advertisements. Typically, search engines are promoted through browser hijackers - applications that alter a web browser's settings. It is recommended to avoid using questionable search eng
PowerMagic is the name of a backdoor malware written in PowerShell. It is known that PowerMagic is used in attacks where cybercriminals distribute another malware called CommonMagic. Backdoor malware refers to a form of malicious software that creates a concealed entry point into a computer system
CommonMagic is a modular malicious framework. It is suspected to be distributed through a malware strain known as PowerMagic. The CommonMagic framework is composed of multiple executable modules and has the ability to capture screenshots and collect data from USB drives. It seems that CommonMagic
After reviewing this "Walmart Order" email, we determined that it is spam. The scam email is presented as a notification regarding a purchase made from Walmart. This spam mail aims to deceive recipients into calling the fake support line and thus entrapping them in a scam. The email with t
While analyzing malware samples submitted to VirusTotal, our team discovered a ransomware variant belonging to the Xorist family dubbed Rans-A. This ransomware encrypts files, appends the ".Rans-A" extension to filenames, creates the "HOW TO DECRYPT FILES.txt" file, and displays an error message t