While investigating new submissions to VirusTotal, we found a malicious program called Saw. It is part of the Xorist ransomware family, and like all programs within this group – Saw is designed to encrypt data and demand payment for its decryption. After we executed a sample of Saw ransomware on
Getnomadtblog[.]com is a deceptive website that attempts to trick visitors into subscribing to its notifications. This site may also redirect visitors to other pages of similar nature. Our team uncovered getnomadtblog[.]com while investigating illegal movie streaming websites, torrent sites, and s
BRUH is ransomware based on Chaos ransomware. We discovered this ransomware strain while inspecting malware samples submitted to the VirusTotal page. BRUH encrypts data, appends a random extension (four random characters) to filenames, changes the desktop wallpaper, and drops the "read_it.txt" fil
Iotr is ransomware that belongs to the Djvu ransomware family. Our team discovered this ransomware on VirusTotal while analyzing malware samples submitted to the page. Iotr encrypts files and adds the ".iotr" extension to their filenames. Additionally, it drops the "_readme.txt" file, which contai
Our analysis of malware samples submitted to VirusTotal has revealed the existence of a new variant of the Djvu ransomware family, dubbed Iowd. Its main objective is to encrypt files on an infected system. Also, Iowd appends the ".iowd" extension to filenames and creates the "_readme.txt" file wit
After analyzing malware samples submitted to VirusTotal, we have identified a new ransomware variant known as Ioqa, which is a member of the Djvu ransomware family. The primary objective of Ioqa is to encrypt files on the infected system. As part of the encryption process, Ioqa renames the affecte
Itspeedg[.]com is a rogue webpage discovered by our researchers during a routine investigation of untrustworthy websites. This page is designed to promote dubious/hazardous software and browser notification spam. Furthermore, it can redirect visitors to other (likely unreliable/malicious) sites.
While checking out questionable websites, our research team found the ibuhaughuss[.]com rogue page. It is designed to endorse browser notification spam and redirect visitors to other (likely untrustworthy/harmful) sites. Most users enter webpages like ibuhaughuss[.]com through redirects caused by
While investigating deceptive webpages, our researchers discovered the AdzEater browser extension. It is presented as an adblocker for the YouTube video-hosting platform. However, our analysis revealed that instead of blocking advertisements, this extension displays them. Due to this behavior, Adz
Our research team discovered the hintonjour[.]com rogue page while checking out suspicious sites. It pushes browser notification spam and redirects users to different (likely unreliable/harmful) websites. Most visitors to hintonjour[.]com and similar webpages access them through redirects caused b