Defendyourfiles[.]com is a rogue website that our researchers discovered while inspecting untrustworthy webpages. This page operates by hosting deceptive content, promoting browser notification spam, and redirecting visitors to other (likely dubious/malicious) sites. Most users access defendyourf
Reserve-availability[.]cfd is an untrustworthy page that runs a scam similar to "McAfee - Your PC is infected with 5 viruses!". Also, it asks visitors for permission to show notifications. Our team has discovered reserve-availability[.]cfd while examining other pages that use rogue advertising net
DeadLocker is the name of ransomware discovered by MalwareHunterTeam. It was found that DeadLocker encrypts files, appends the ".deadlocked" extension to filenames, changes the desktop wallpaper, and displays a pop-up (a ransom note). An example of how DeadLocker renames files: it changes "1.jpg"
YTStealer is a piece of malicious software classified as a stealer. Malware within this category aims to steal a wide variety of sensitive data. However, YTStealer targets very specific information - one relating to victims' YouTube accounts. Thus the goal of the attackers behind this program is t
Harditem is a malicious program based on the Prometheus ransomware. We obtained a sample of this ransomware from VirusTotal. After Harditem was launched on our test machine, it encrypted files and appended their filenames with the ".harditem" extension. For example, a file initially titled "1.jpg
Tail web is the name of an application that our team has discovered while inspecting shady websites. After downloading and adding this app to a browser, we found that it changes some settings. It hijacks a web browser to promote tailsearch.com. While testing this site, we found that it is a fake s
PortalUltra is an application that our team has discovered after using a fake installer downloaded from a deceptive website. It was found that PortalUltra is a useless application designed to display annoying advertisements. Thus, we categorized this app as adware. Clicking ads (pop-ups,
Our malware researchers have discovered another ransomware belonging to the Djvu family called Llqq while examining malware samples submitted to the VirusTotal site. Llqq is designed to encrypt files and append its extension (".llqq" to filenames). It also creates a text file ("_readme.txt") conta
While researching untrustworthy sites, we found the serviceworker[.]click rogue webpage. It promotes scams, pushes browser notification spam, and redirects visitors to different (likely dubious/malicious) websites. Most users enter such pages through redirects caused by sites using rogue advertis
While looking through new submissions to VirusTotal, our researchers discovered the Code Core ransomware. Malicious programs within this category are designed to encrypt data and demand ransoms for the decryption. Once a sample of Code Core was executed on our test machine, it encrypted files and