While analyzing malware samples submitted to the VirusTotal website, we discovered a ransomware variant dubbed Google. We found that Google ransomware belongs to the Chaos ransomware family. The purpose of this malware is to encrypt files. In addition to encrypting files, Google ransomware drops t
Our analysis of the "Account Will Be Terminated" email revealed that it is spam. This fake letter claims that the recipient's email account will be closed – unless it is upgraded. When the user attempts to update their account, the link in the letter redirects them to a phishing website. This sit
Upon inspection, it has been discovered that this website displays deceptive messages, such as fake warnings, which falsely claim that a computer is infected and that antivirus software is unregistered. These messages are entirely fraudulent and should not be trusted. Aura was made aware of misle
Likerus[.]click is an untrustworthy page that displays deceptive content and wants to send notifications. Our team discovered likerus[.]click while examining websites that use rogue advertising networks. Users do not access sites like likerus[.]click intentionally. This website alleges tha
While inspecting new submissions to VirusTotal, our researchers discovered the Stolen ransomware-type program. Malware within this category is designed to encrypt data and demand payment for decryption. This program belongs to the Makop ransomware family. Once we executed a sample of Stolen (Mako
S1deload is the name of an information-stealing malware that targets Facebook and YouTube accounts. Also, it uses infected computers to mine cryptocurrency. This stealer is dubbed S1deload because it heavily utilizes DLL sideloading to evade detection. Cybercriminals use social engineering and com
Upon examination, it has been determined that this is a phishing attempt aimed at tricking recipients into revealing personal information. The email contains an attachment that opens a phishing page designed to steal sensitive information. It is strongly recommended to ignore this and similar emai
Upon testing search.anytime-anywhere-tab.com, we discovered that it is a fake search engine. It is not uncommon for such search engines to be promoted through browser hijackers. Typically, these types of applications hijack web browsers by altering their settings. Search engines that are promoted
We have examined this email and found that it is a scam email promising a large sum of money. Typically, scammers behind such emails claim that the recipient has been identified as the beneficiary of a large sum of money from an inheritance, lottery, or some other source. These scams should be ign
While reviewing new submissions to VirusTotal, our research team discovered the AdvancedBrowser app. After analyzing this piece of software, we determined that it is adware belonging to the AdLoad malware group. This application runs intrusive ad campaigns and may have other undesirable/harmful