Our researchers discovered the WARLOCK DARK ARMY malicious program, which is based on the Chaos ransomware, while inspecting new submissions to VirusTotal. After we executed a sample of this ransomware on our testing system, it began encrypting files and changed their names. Original filenames w
While inspecting news-fiyimo[.]com, we found that it displays deceptive content to lure visitors into allowing it to deliver notifications. Also, it redirects to a similar website. Our team discovered news-fiyimo[.]com while examining untrustworthy ads and pages that use rogue advertising networks
Regadspro[.]com is a rogue website that our research team discovered while checking out suspicious sites. This page operates by promoting browser notification spam and redirecting visitors to other (likely untrustworthy/malicious) webpages. Most users access sites like regadspro[.]com via redirec
Our researchers discovered the Eking ransomware-type program while inspecting new submissions to VirusTotal. This malicious program belongs to the VoidCrypt ransomware family. After we executed a sample of Eking (VoidCrypt) ransomware on our test machine, it began encrypting files and altered the
Nury is the name of Djvu ransomware variant that our malware researchers discovered while checking the VirusTotal website for recently submitted samples. We found that Nury ransomware encrypts files and modifies filenames by appending ".nury" as their new extension. Also, it creates a text file ("
Nuis is the name of a Djvu ransomware variant that encrypts files to make them inaccessible. Like any other ransomware, Nuis is used to extort money from victims. In addition to encrypting files, Nuis appends the ".nuis" extension to filenames and generates a text file named "_readme.txt" that con
We examined nadsfit[.]com and learned that it displays deceptive content to trick visitors into granting it permission to show notifications. It uses a clickbait technique as a lure. Also, nadsfit[.]com redirects visitors to other pages of this type. Thus, it is highly advisable not to trust nadsf
During a routine inspection of suspicious websites, our research team discovered the riaeqd[.]com rogue page. It is designed to promote browser notification spam and cause redirects to different (likely untrustworthy/harmful) sites. Most users enter webpages like riaeqd[.]com via redirects caused
Our researchers discovered the conatysystems[.]com rogue page during a routine inspection of dubious websites. It operates by promoting browser notification spam and redirecting visitors to different (likely unreliable/dangerous) sites. Users typically access webpages of this kind through redirect
Our analysis of the "Account Termination Request" email revealed that it is spam that operates as a phishing scam. This letter claims that the recipient's email account will be terminated per their request. This mail attempts to lure users into disclosing their email account log-in credentials thr