Our researchers discovered the FartingGiraffeAttacks ransomware while inspecting new submissions to VirusTotal. We also found that this malicious program is part of the MedusaLocker ransomware family. When we launched a sample of this ransomware on our testing system, it encrypted files and appen
While inspecting unreliable websites, our researchers found the ovenelapodioria[.]com rogue page. It is designed to push browser notification spam and redirect visitors to other (likely dubious/malicious) sites. Most users typically access such webpages through redirects caused by sites using rogu
Finding Solutions is described as an application allowing to look up issues with sites that are down. Our team has discovered Finding Solutions on a questionable page, offering to add this app before continuing to the page. After examining this app, we found that it functions as adware. It shows u
While inspecting websites offering "cracked" software for download, our research team discovered the Getmut Cleaner PUA (Potentially Unwanted Application). The app's "official" promotional webpage endorses it as a tool capable of cleaning, protecting, and improving the performance of operating sys
After examining this email, we found that it is sent by scammers who aim to trick recipients into opening various scam websites. It is disguised as a letter from WhatsApp regarding a missed voice message. This and similar emails must be ignored. The email states that there is a missed voic
While inspecting browser hijackers, our research team discovered the activesearchbar.me fake search engine. Typically, illegitimate searching tools like activesearchbar.me are promoted by browser-hijacking software, which modifies browser settings to cause redirects to these websites. Additionall
Our malware researchers have discovered a new ransomware called Lomiat while inspecting samples submitted to the VirusTotal web page. We found that Lomiat belongs to the Xorist ransomware family. The purpose of Lomiat is to encrypt files. Also, it appends the ".LoMiAt" extension to filenames and c
Our researchers discovered the PrimeAurora application during a routine inspection of new submissions to VirusTotal. After inspecting this piece of software, we determined that it is adware belonging to the AdLoad malware family. Adware operates by displaying ads on visited websites and/
While inspecting deceptive websites offering to download "useful" applications, we found an application called PropCreative. During the analysis, we found that PropCreative is adware - it displays intrusive advertisements. Additionally, PropCreative can read sensitive information. Advert
While examining websites that use rogue advertising networks, we discovered houbekuwucoo[.]com - a deceptive website designed to trick visitors into agreeing to receive notifications. Additionally, this site can open other pages of this kind. As a rule, pages like houbekuwucoo[.]com get visited un