PYAS is ransomware - malicious software that encrypts victims' files, making them inaccessible. In addition to encrypting files, PYAS appends the ".PYAS" extension to filenames and drops the "README.txt" file that contains a ransom note. An example of how PYAS renames files: it changes "1.jpg" to
While analyzing Vvmm, we found that it is one of the ransomware variants belonging to the Djvu family. Vvmm encrypts data, appends the ".vvmm" extension to filenames of the encrypted files, and creates a ransom note ("_readme.txt" file). Our team discovered Vvmm while inspecting samples submitted
We have analyzed wholehypewords[.]com and found that the purpose of this page is to lure visitors into agreeing to receive notifications from it. In addition to asking for permission to show dubious notifications, wholehypewords[.]com may redirect visitors to other untrustworthy websites. Thus, wh
Upon examining wersi[.]club, we concluded that it is a shady website with the aim of deceiving visitors into granting it permission to send notifications. Additionally, the website may redirect visitors to other questionable sites. We encountered wersi[.]club during an analysis of sites that use r
Ytmusichub[.]com is one of the many websites allowing users to download YouTube videos. However, downloading videos from YouTube is against the company's terms of service. Also, we found that ytmusichub[.]com users rogue advertising networks. Thus, it is advisable against using ytmusichub[.]com.
After investigating the bestdiscoveries.co website, we came to the conclusion that it is an unreliable search engine. We found bestdiscoveries.co after adding a suspicious browser extension. This extension promotes bestdiscoveries.co by hijacking the browser/altering its settings. The best
Microsoft OneNote malware – refers to malicious software distributed using trojanized OneNote (.one) files. The legitimate format documents are modified for malware proliferation by being embedded with virulent content, which triggers the malware's download/installation process when interacted wit
While checking out questionable websites, our research team discovered the notifpushnext[.]com rogue page. It operates by promoting spam browser notifications and redirecting visitors to other (likely unreliable or harmful) websites. Users typically enter webpages like notifpushnext[.]com through
While investigating browser hijackers, our researchers found the searchatwebs.com illegitimate search engine. These websites are typically promoted (through redirects) by browser-hijacking software that modifies browser settings. While most fake search engines cannot generate search results, sear
While investigating suspicious websites, our researchers discovered the snapinsta[.]io webpage. It is a YouTube converter, i.e., this site allows users to convert videos from said platform into download audio (MP3) files. This service breaks copyright laws. Snapinsta[.]io also uses rogue advertisi