Onevenadvllc[.]com is a rogue page we discovered while researching untrustworthy websites. It is designed to push browser notification spam and redirect visitors to other (likely unreliable/dangerous) sites. Webpages like onevenadvllc[.]com are most commonly accessed via redirects caused by sites
Mimic is a ransomware-type program. Malware within this classification is designed to encrypt data and demand ransoms for decryption. Evidence suggests that Mimic is based on the leaked CONTI ransomware builder. Mimic campaigns have been observed targeting English and Russian speaking users. Afte
DODO is the name of a malicious program that is classed as ransomware. This malware is designed to encrypt data and demand ransoms for the decryption tools. Once we launched a sample of DODO on our test machine, it encrypted files and changed their filenames by appending them with a ".dodov2" ext
We discovered two email variants belonging to the "Mailbox Full" spam campaign. These letters make false claims regarding the recipients' email accounts. This spam mail aims to trick them into visiting phishing websites that imitate legitimate email account sign-in pages. One of the spam e
Our examination of the Quick Pic Download browser extension revealed that it shows intrusive ads, leading us to classify it as adware. Adware is commonly promoted and distributed using misleading or questionable practices. We discovered the Quick Pic Download app on a shady website. Quick
LockBit Green is ransomware that encrypts the victim's data, appends a random extension to filenames of all encrypted files, and drops the "!!!-Restore-My-Files-!!!.txt" file containing a ransom note. It is known that LockBit Green is based on Conti ransomware. An example of how LockBit Green ren
While investigating suspicious websites, our researchers discovered the Nautica browser extension. This piece of rogue software operates as a browser hijacker – modifies browser settings, causes redirects, and spies on users' browsing activity. Browser hijackers typically promote fake sear
Addssupport[.]com has been deemed untrustworthy site due to its use of a clickbait technique to trick visitors into subscribing to its notifications. Our team discovered addssupport[.]com while investigating websites that employ rogue advertising networks. It is important to note that most users c
Our inspection of the "UPS Custom Permit" email revealed that it is spam. This letter is presented as a notification from UPS regarding the recipient's order. It must be emphasized that this email is fake, and it is not associated with the actual UPS company. This spam mail likely operates as a ph
While examining malware samples submitted to the VirusTotal website, we discovered a ransomware variant dubbed Auto. This ransomware is identical to Septwolves, Wanqu, Axxes, and many other ransomware variants. Auto encrypts files and two ransom notes ("RESTORE_FILES_INFO.hta" and "RESTORE_FILES_I