SearchBlox is a malicious Google Chrome browser extension. There are two variants of this extension, and both promise to allow users to search the Roblox video game platform servers for a specific player. Instead, this piece of malicious software targets data associated with Roblox and Rolimons -
Mafer is one of the VoidCrypt ransomware variants designed to encrypt files, append the victim's ID, filees@gmail.com email address, and the ".Mafer" extension to filenames, and drop a text file ("Read_Me!_.txt") containing a ransom note. Our team discovered Mafer while examining malware samples s
D0nut is a ransomware that encrypts files and appends the ".d0nut" extension to filenames (e.g., it renames "1.jpg" to "1.jpg.d0nut", "2.png" to "2.png.d0nut", and so forth). Also, D0nut drops two HTML files ("d0nut.html") and displays a pop-up window. They contain ransom notes. Screenshot of
"Payment For McAfee Subscription" is the name of an email spam campaign. The letters can be plain or quite elaborate, but they all refer to purchases or renewals of the McAfee anti-virus. It must be emphasized that these emails are fake, and they are not associated with the actual McAfee Corp. Th
While examining shady ads and websites, we discovered a scam website offering to get a Walmart gift card. Usually, scam websites like this one are used to extract personal information and (or) money. It is strongly recommended not to trust such pages. This scam website shows a pop-up messa
Our team examined this email and learned that scammers sent it. The purpose of this letter is to trick unsuspecting recipients into entering personal information on a phishing website (fake login page). This email is disguised as a letter from an email service provider. It should be marked as spam
During a routine inspection of suspicious software-promoting websites, our researchers discovered the CustomSearch application. Our analysis revealed that this app operates as a browser hijacker. It promotes fake search engines (e.g., nseext.info, customsear.ch, etc.) by causing redirects to them
A.E.S.R.T is ransomware that encrypts files, appends the ".AESRT" extension to filenames, and displays a ransom note. Our malware researchers discovered A.E.S.R.T while inspecting samples submitted to the VirusTotal website. An example of how A.E.S.R.T renames files: it changes "1.jpg" to "1.jpg.A
AxBanker is an Android-specific banking malware. As its classification implies, this malicious software seeks to obtain banking information. AxBanker has been used in large smishing (SMS phishing) campaigns targeting Indian users. These operations were centered on some of the best-known banks in t
While examining ConnectedProtocol, we found that this application displays intrusive advertisements. Software that shows ads is called adware. We discovered ConnectedProtocol on a deceptive website suggesting that certain installed software is outdated. It is uncommon for adware to be installed