While researching suspicious websites, we discovered the liffswithabr[.]com rogue page. It operates by pushing browser notification spam and redirecting visitors to different (likely unreliable/harmful) sites. Most users access liffswithabr[.]com and similar pages through redirects caused by websi
While inspecting new submissions to VirusTotal, our research team discovered yet another ransomware-type program from the Snatch family – called Dgnlwjw. Malware within this classification is designed to encrypt data for the purpose of making ransom demands for the decryption tools. When we execu
Our team has examined Dark Theme For Chrome browser extension and found that it shows intrusive ads and can read browsing-related data. Apps that display ads are classified as adware. Users often download such software o purpose. We discovered Dark Theme For Chrome on a deceptive page. Dar
While investigating new submissions to VirusTotal, our research team discovered the AccessUnit app. This piece of rogue software operates as adware. Furthermore, we determined that this application is part of the AdLoad malware family. Adware stands for advertising-supported software. It
Mekwyk is ransomware that makes files inaccessible by encrypting them. Also, it appends the victim's ID and the ".mekwy" extension to filenames and creates the "RESTORE_FILES_INFO.txt" file that contains a ransom note. We discovered Mekwyk while inspecting samples submitted to the VirusTotal websi
Our researchers discovered the Honkai ransomware while inspecting new submissions to VirusTotal. This malicious program is part of the Paradise ransomware family. When we executed a sample of Honkai (Paradise) ransomware on our test system, it began encrypting files and modifying their titles. O
GonaCry is ransomware that encrypts files, modifies filenames of the encrypted files, changes the desktop wallpaper, and provides a ransom note (creates the "read_it.txt" file). GonaCry is based on Chaos ransomware. Our team discovered it while examining samples submitted to the VirusTotal page.
While checking out suspicious websites, our researchers discovered the link2captcha[.]top rogue webpage. It promotes browser notification spam by using fake CAPTCHA verification. Additionally, this page can redirect users to different (likely untrustworthy/harmful) websites. Most users access web
While investigating new submissions to VirusTotal, our researchers discovered the BTC (Azadi) ransomware. Malware within this classification operates by encrypting data and demanding payment for decryption. Once we executed a sample of BTC (Azadi) on our test machine, it began encrypting files. T
While inspecting helllomedias[.]com, we found that it is a deceptive page that displays a fake message to lure visitors into agreeing to receive notifications. Also, helllomedias[.]com may redirect visitors to other shady sites. Thus, it is advisable not to trust helllomedias[.]com. Helllo