ActiveLink is a rogue application that our research team found while checking out new submissions to VirusTotal. Our inspection of this app revealed that it is advertising-supported software (adware). Additionally, it is noteworthy that ActiveLink is part of the AdLoad malware family. Ad
We examined time-delta[.]xyz and learned that it displays deceptive content to trick visitors into allowing it to show notifications. Also, it redirects visitors to other untrustworthy pages. We discovered time-delta[.]xyz while inspecting pages that use rogue advertising networks. Typically, user
SchoolBoys is the name of a ransomware-type program that encrypts files and demands payment for the decryption. It is based on the leaked LockBit 3.0 builder - hence, SchoolBoys is virtually identical to this ransomware. The findings of BleepingComputer's researchers revealed that the cyber crimi
We examined this email and found that it is designed to steal personal information from recipients. Emails of this type are called phishing emails. Scammers use them to obtain sensitive information, such as credit card details, login credentials, or other info, by disguising themselves as legitima
We discovered the Killnet ransomware while looking through new submissions to VirusTotal. It is designed to encrypt data and demand payment for decryption. After we executed a sample of Killnet on our test machine, it encrypted files and appended with a ".killnet" extension. For example, a file i
Our team inspected zeleboba[.]click and found that this page runs the "McAfee - Your computer is infected with 5 viruses!" scam. It displays deceptive content to trick visitors into believing that they must remove "detected" malware to avoid harm. Also, zeleboba[.]click wants to show notifications
Video-watch1[.]com is a rogue webpage that our researchers discovered while inspecting suspect websites. It operates by promoting spam browser notifications and redirecting users to other (likely unreliable/harmful) pages. Users typically enter sites of this kind via redirects caused by webpages t
Laplas Clipper is the name of a clipper malware that checks the content of the victim's clipboard for cryptocurrency wallets. In the operating system, the clipboard is a temporary memory area in which data is stored while it is processed or transferred. Cybercriminals use clipper malware to replac
Our researchers discovered the CryptBB ransomware-type program while inspecting new submissions to VirusTotal. It is based on the LockBit 3.0 ransomware. Once we launched a sample of CryptBB on our test machine, it began encrypting files and altered their filenames. Original titles were appended
RomCom is the name of a Remote Access Trojan (RAT). Malware categorized as such is designed to enable remote access/control over infected machines. RATs can be highly multifunctional and thus pose a wide variety of threats. It is noteworthy that RomCom has been used in attacks against Ukraine's m