In our analysis of Vvoo, we found that it is a ransomware variant from the Djvu family. Vvoo encrypts data, appends the ".vvoo" extension to the filenames of the encrypted files, and creates a ransom note (the "_readme.txt" file). Our team came across Vvoo while reviewing samples submitted to Viru
After investigating the "Social Security Account Missing Information" spam email, we determined that it operates as a phishing scam. Allegedly, this letter regards the recipient's social security documentation, which is in an attachment. The attached file is "encrypted" and requires the user to l
After we inspected the "Norton360 Total Protection Subscription Charge" email, we determined that it is spam. This letter is presented as a notification regarding the purchase of the Norton 360 anti-virus. The goal of this mail is to trick recipients into calling the provided telephone number and
During a routine inspection of questionable websites, our researchers discovered the 10downloader[.]com webpage. This site is designed to allow users to convert YouTube video links into downloadable files. It must be mentioned that YouTube converter websites break copyright laws. What is more, 10
Our analysis of the Art Tab application has revealed that it is a browser extension that has been created to hijack web browsers. The app forcibly pushes a fake search engine (srchinart.com) by altering the settings of the browser. Additionally, Art Tab has the ability to read certain data.
While inspecting browser hijackers, our researchers found the thebestwefind.com fake search engine. Sites of this kind are typically promoted by browser-hijacking software. It makes alterations to browsers in order to cause redirects to illegitimate search engines. Furthermore, websites like thebe
PYAS is ransomware - malicious software that encrypts victims' files, making them inaccessible. In addition to encrypting files, PYAS appends the ".PYAS" extension to filenames and drops the "README.txt" file that contains a ransom note. An example of how PYAS renames files: it changes "1.jpg" to
While analyzing Vvmm, we found that it is one of the ransomware variants belonging to the Djvu family. Vvmm encrypts data, appends the ".vvmm" extension to filenames of the encrypted files, and creates a ransom note ("_readme.txt" file). Our team discovered Vvmm while inspecting samples submitted
We have analyzed wholehypewords[.]com and found that the purpose of this page is to lure visitors into agreeing to receive notifications from it. In addition to asking for permission to show dubious notifications, wholehypewords[.]com may redirect visitors to other untrustworthy websites. Thus, wh
Upon examining wersi[.]club, we concluded that it is a shady website with the aim of deceiving visitors into granting it permission to send notifications. Additionally, the website may redirect visitors to other questionable sites. We encountered wersi[.]club during an analysis of sites that use r