Key Group is a piece of malicious software classified as ransomware. Our researchers discovered this program while inspecting new submissions to VirusTotal. It is noteworthy that Key Group belongs to the Xorist ransomware family. There are two variants of Key Group - hence, encrypted files are ap
CommandAccess is a piece of rogue software that our researchers found while investigating new submissions to VirusTotal. Our analysis of this application revealed that it operates as advertising-supported software (adware). Additionally, we learned that CommandAccess is part of the AdLoad malwar
While inspecting new malware submissions to VirusTotal, our researcher team discovered the CRYPTCAT ransomware-type program. After we launched a sample of CRYPTCAT on our test system, it encrypted files and altered their names. Original filenames were appended with a unique ID assigned to the vic
"Cookie Stuffing Browser Extensions" refers to malicious browser extensions designed to insert affiliate IDs into the Internet cookies of specific websites. We have inspected four such extensions. "AutoBuy Flash Sales, Deals, and Coupons" - with the promised functionality of making automatic purc
Our inspection of the "Declined Debit" email revealed that it is malspam (malicious spam). This letter aims to trick recipients into opening a virulent attachment by claiming that it contains a declined payment note from the sender's bank. Once the file attached to this fake email is opened, it i
Our research team found the ChipSynergy app during a routine inspection of new submissions to VirusTotal. After analyzing this application, we determined that it is adware belonging to the AdLoad malware family. Adware is designed to enable the placement of advertisements on visited webs
While inspecting new submissions to VirusTotal, we discovered the CHEAPLAMINATE malicious program, which is based on another ransomware called Chaos. Malware within this category operates by encrypting data and demanding ransoms for the decryption. Once we executed a sample of this ransomware on
While inspecting new submissions to VirusTotal, our research team found a ransomware based on Chaos - called PIZZASUCKER. When we executed a sample on our test machine, this ransomware encrypted files and appended their filenames with a ".ICQ@PIZZASUCKER" extension (which is also the attackers' c
We found the FunctionBlast application while inspecting new submissions to VirusTotal. Our analysis of this piece of software revealed that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. It is designed to run intrusive advertisement
Our inspection of the "Due Payment-Invoice" email revealed that it is spam operating as a phishing scam. This letter makes false claims regarding an invoice to view which - recipients have to provide their email account log-in credentials. It must be emphasized that this mail is fake, and it canno