While checking out new submissions to VirusTotal, our researchers found the Covid29 ransomware-type program. Malware within this category aims to extract payment (ransoms) from victims – typically for the decryption of encrypted files. However, Covid29 does not operate in this manner. Several min
Youngmedias[.]biz is one of the websites that display deceptive messages to lure visitors into agreeing to receive notifications from them. Usually, users open such pages inadvertently. We discovered youngmedias[.]biz while inspecting sites that use shady advertising networks. There are at
Our team has tested the App browser extension and found that it functions as a browser hijacker. The purpose of this extension is to promote various fake search engines. Also, the App extension adds the "Managed by your organization" feature to Chrome browsers. We discovered it on a deceptive web
Our researchers discovered the webvenadvdesign[.]com rogue page while investigating suspicious websites. It is designed to push browser notification spam and redirect users to other (likely unreliable/malicious) sites. Most visitors access webvenadvdesign[.]com and similar webpages via redirects
Prizesleads[.]com is a rogue webpage that we discovered during a routine inspection of suspect websites. It is designed to promote deceptive content and spam browser notifications. Furthermore, this site can redirect users to different (likely unreliable/dangerous) pages. Most visitors to prizesl
We have analyzed yourvenadvllc[.]com and learned that it shows a deceptive message to trick visitors into agreeing to receive notifications from it. Also, yourvenadvllc[.]com redirects to various scam websites. Users do not visit sites like yourvenadvllc[.]com intentionally. Yourvenadvllc[
While checking out new submissions to VirusTotal, our researchers discovered yet another malicious program belonging to the Dharma ransomware family – called Pdf. After we launched a sample of Pdf ransomware on our test machine, it encrypted files and altered their filenames. Original titles were
We have inspected this email and determined that it is sent by scammers who aim to trick recipients into believing that they are supposed to receive ten million dollars. Typically, scam emails of this kind are used to extract sensitive information and (or) money from people. They should be marked
While examining pro-shield2023[.]shop, we learned that it runs the "McAfee - Your PC is infected with 5 viruses!" scam. Pro-shield2023[.]shop uses a scare tactic to trick visitors into purchasing antivirus software. Also, this deceptive page asks for permission to show notifications. Pro-s
Pouu is ransomware that belongs to a family called Djvu. Pouu encrypts data, appends the ".pouu" extension to filenames, and provides a ransom note (crates the "_readme.txt" file). Our malware researchers discovered Pouu while examining malware samples submitted to VirusTotal. An example of how P