GOGO is a ransomware-type program we discovered while checking out new submissions to VirusTotal. It belongs to the VoidCrypt ransomware family. We executed a sample of GOGO ransomware on our testing system, and we learned that it encrypts files and appends their filenames with a unique ID assign
Our researchers discovered the wholenicefeed[.]com rogue page while inspecting suspicious websites. It operates by promoting spam browser notifications and redirecting visitors to other (likely dubious/malicious) sites. Users typically access webpages like wholenicefeed[.]com via redirects caused
While checking out new submissions to VirusTotal, our researchers found the Covid29 ransomware-type program. Malware within this category aims to extract payment (ransoms) from victims – typically for the decryption of encrypted files. However, Covid29 does not operate in this manner. Several min
Youngmedias[.]biz is one of the websites that display deceptive messages to lure visitors into agreeing to receive notifications from them. Usually, users open such pages inadvertently. We discovered youngmedias[.]biz while inspecting sites that use shady advertising networks. There are at
Our team has tested the App browser extension and found that it functions as a browser hijacker. The purpose of this extension is to promote various fake search engines. Also, the App extension adds the "Managed by your organization" feature to Chrome browsers. We discovered it on a deceptive web
Our researchers discovered the webvenadvdesign[.]com rogue page while investigating suspicious websites. It is designed to push browser notification spam and redirect users to other (likely unreliable/malicious) sites. Most visitors access webvenadvdesign[.]com and similar webpages via redirects
Prizesleads[.]com is a rogue webpage that we discovered during a routine inspection of suspect websites. It is designed to promote deceptive content and spam browser notifications. Furthermore, this site can redirect users to different (likely unreliable/dangerous) pages. Most visitors to prizesl
We have analyzed yourvenadvllc[.]com and learned that it shows a deceptive message to trick visitors into agreeing to receive notifications from it. Also, yourvenadvllc[.]com redirects to various scam websites. Users do not visit sites like yourvenadvllc[.]com intentionally. Yourvenadvllc[
While checking out new submissions to VirusTotal, our researchers discovered yet another malicious program belonging to the Dharma ransomware family – called Pdf. After we launched a sample of Pdf ransomware on our test machine, it encrypted files and altered their filenames. Original titles were
We have inspected this email and determined that it is sent by scammers who aim to trick recipients into believing that they are supposed to receive ten million dollars. Typically, scam emails of this kind are used to extract sensitive information and (or) money from people. They should be marked