Eewt is ransomware that encrypts the victim's files, appends its extension (".eewt") to filenames, and drops a ransom note ("_readme.txt") on the desktop. Our malware researchers discovered Eewt while examining samples submitted to the VirusTotal web page. This ransomware belongs to the Djvu famil
MONTI is a ransomware-type program designed to encrypt data and demand payment for the decryption tools. It is a new variant of CONTI ransomware. Furthermore, MONTI shares extreme similarities with CONTI's modus operandi. In February 2022, the group behind CONTI experienced a massive breach and d
Our researchers discovered the Black-Lights browser extension during a routine inspection of suspicious software-promoting webpages. This extension is endorsed as a tool capable of enabling dark mode for simple design websites. However, our analysis of Black-Lights revealed that it operates as adw
Our research team discovered the SilkTopic rogue app while investigating new submissions to VirusTotal. After inspecting this piece of software, we determined that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. It displays advertise
Our researchers discovered the Ballacks ransomware while inspecting new submissions to VirusTotal. This malicious program belongs to the VoidCrypt ransomware family. Once we launched a sample of Ballacks on our test machine, it began encrypting files ad modified their names. Original filenames we
After analyzing two "Your Order Is Processed" emails, we determined that they are spam. These letters make similar claims about the recipient having purchased an expensive item from a well-known retailer. The goal is to trick the recipient into calling the provided telephone number to cancel the p
While investigating suspicious sites, our research team found the smartopc[.]xyz rogue webpage. It operates by promoting browser notification spam and redirecting users to other (likely untrustworthy/malicious) websites. Users typically access smartopc[.]xyz and similar pages via redirects caused
Our research team discovered the MLF ransomware-type program while inspecting new submissions to VirusTotal. Additionally, MLF belongs to the Phobos ransomware family. Once a sample of this ransomware was executed on our test machine, it encrypted files and altered their filenames. The titles of
TigerRAT is a Remote Access Trojan (RAT). This malware operates by allowing attackers to remotely access and control infected machines. RATs are notoriously multifunctional programs, which can be variously used and cause a broad range of serious threats. There is proof that TigerRAT was developed
MagicRAT is a malicious program classified as a RAT (Remote Access Trojan). This trojan is written C++ programming language and uses the Qt Framework; the latter is an uncommon choice in malware development. RATs are designed to enable remote access/control over infected devices. There is strong