While inspecting pages that use rogue advertising networks, our researchers chanced upon a "DHL Express" scam. This deceptive content is presented as a delivery-related notification from DHL Express - a courier, package delivery, and express mail service company. It must be emphasized that the act
While investigating new malware submissions to VirusTotal, our research team discovered a variant of Eternity ransomware called DASHA. After we launched a sample of DASHA ransomware on our test machine, it encrypted files and appended their filenames with a ".ecrp" extension. To elaborate, a file
VanillaRAT is a piece of malicious software written in the C# programming language. It is categorized as a RAT (Remote Access Trojan). Malware within this category enables remote access and control over infected devices. These trojans tend to be particularly multifunctional, with features ranging
While inspecting the contents of a fake Adobe Flash Player installer, our researchers discovered the TotalResults rogue application. After analyzing this app, we determined that it is adware belonging to the AdLoad malware family. Adware operates by enabling the placement of advertisemen
PremiumContinental is an adware-type application that our research team discovered while inspecting new submissions to VirusTotal. It runs intrusive advertisement campaigns (displays ads) and likely collects private data. Additionally, PremiumContinental is part of the AdLoad malware family.
After inspecting the "Renewing The Domain" email, we determined that it is spam. The letter claims that a domain owned by the recipient is being renewed, and unless the email is backed up - disruptions in the mail service and data loss may occur. This email urges recipients to back up their email
Our research team discovered the Mega Colors browser extension while inspecting questionable software-promoting webpages. This extension is endorsed as a tool capable of changing website background colors. Our analysis of Mega Colors revealed that it operates as advertising-supported software (adw
HIP1 is a ransomware-type program that our researchers discovered while inspecting new submissions to VirusTotal. This malicious program belongs to the VoidCrypt ransomware family. When we launched a sample of HIP1 on our test system, it encrypted files and appended their filenames with a unique
During a routine investigation of new submissions to VirusTotal, our researchers discovered the LevelNight rogue application. After analyzing this app, we determined that it works as advertising-supported software (adware). Furthermore, it is noteworthy that LevelNight is part of the AdLoad malw
"Google Docs email scam" refers to scam campaigns that contain phishing attachments claiming to allow access to securely-stored files on Google Docs. The documents attached to these scam letters promote phishing websites, which typically target email account log-in credentials. The invoice-relate