While investigating untrustworthy websites, our researchers discovered the totalrecaptcha[.]top rogue webpage. We found that it has two appearance variants (possibly more), which use deceptive content to trick visitors into allowing the page to deliver browser notification spam. Additionally, this
Kodex is a ransomware-type program. Typically, malware within this classification encrypts files and demands payment for their decryption. While Kodex's ransom note claims that this is how it operates – that is untrue. After launching a sample of this ransomware on our test system, we learned tha
Dybdended[.]com is the address of a rogue page discovered by our research team during a routine inspection of suspicious websites. This webpage promotes scams and pushes browser notification spam. Furthermore, it can redirect visitors to other (likely untrustworthy/harmful) sites. Most users acce
SecureAgent is a ransomware-type program that our researchers discovered while reviewing new submissions to VirusTotal. Malware within this classification is designed to encrypt data and demand ransoms for decryption. After we launched a sample of SecureAgent on our testing system, it encrypted t
Our team has examined the Web Image Downloader and found this browser extension shows annoying (intrusive) advertisements. Apps that display ads are classified as adware. Users rarely download and install adware since software of this type is often promoted and distributed using deceptive methods.
While inspecting sites that use rogue advertising networks, our researchers discovered the "McAfee - TROJAN_2022 And Other Viruses Detected" scam. This fake content states that the site visitor's device has multiple infections. It must be emphasized that these claims are fake, and this scam is in
Click-video*[.]com is a group of websites (e.g., click-videov[.]com, click-videot[.]com, click-videom[.]com, click-videok[.]com, and others) that display deceptive messages to lure visitors into agreeing to receive notifications. We discovered these sites while inspecting other questionable pages.
After inspecting the "Abandoned Funds" email, we determined that it is spam. The fake sender is identified as a banker seeking to transfer funds from a deceased client and share them between themselves and the recipient. This spam mail operates as a phishing scam aiming to obtain personally ident
VectorStealer is a malicious program designed to steal sensitive data. It is classified as an information stealer. Typically, stealers run silently in the background to avoid suspicion. Threat actors use various ways to trick users into infecting computers with information-stealing malware.
While checking the VirusTotal page for recently submitted malware samples, we discovered ransomware dubbed FinD0m. The purpose of this malware is to encrypt files. Also, FinD0m drops the "FinD0m.txt" file and appends the ".FinD0m" extension to filenames (e.g., renames "1.jpg" to "1.jpg.FinD0m", "2