We discovered the Killnet ransomware while looking through new submissions to VirusTotal. It is designed to encrypt data and demand payment for decryption. After we executed a sample of Killnet on our test machine, it encrypted files and appended with a ".killnet" extension. For example, a file i
Our team inspected zeleboba[.]click and found that this page runs the "McAfee - Your computer is infected with 5 viruses!" scam. It displays deceptive content to trick visitors into believing that they must remove "detected" malware to avoid harm. Also, zeleboba[.]click wants to show notifications
Video-watch1[.]com is a rogue webpage that our researchers discovered while inspecting suspect websites. It operates by promoting spam browser notifications and redirecting users to other (likely unreliable/harmful) pages. Users typically enter sites of this kind via redirects caused by webpages t
Laplas Clipper is the name of a clipper malware that checks the content of the victim's clipboard for cryptocurrency wallets. In the operating system, the clipboard is a temporary memory area in which data is stored while it is processed or transferred. Cybercriminals use clipper malware to replac
Our researchers discovered the CryptBB ransomware-type program while inspecting new submissions to VirusTotal. It is based on the LockBit 3.0 ransomware. Once we launched a sample of CryptBB on our test machine, it began encrypting files and altered their filenames. Original titles were appended
RomCom is the name of a Remote Access Trojan (RAT). Malware categorized as such is designed to enable remote access/control over infected machines. RATs can be highly multifunctional and thus pose a wide variety of threats. It is noteworthy that RomCom has been used in attacks against Ukraine's m
While examining the F**klocker malware, our team learned that it is ransomware designed to encrypt files, modify filenames, and drop a ransom note (the "README.txt" file). We discovered F**klocker while analyzing malware samples submitted to VirusTotal. F**klocker renames files by replacing their
Clicker is the name of a malicious program that targets Android devices. This malware operates akin to advertising-supported software (adware). It generates revenue through advertising. However, Clicker neither displays ads nor causes redirects to various websites. Instead, this piece of malicious
While analyzing various untrustworthy pages, our team discovered an advertising-supported application called PowerAnalytics. The purpose of PowerAnalytics is to display annoying (and untrustworthy) advertisements. It is highly advisable not to have any adware installed on a computer. Cli
While inspecting suspicious websites, our researchers discovered the finishupworld[.]com rogue page. It promotes browser notification spam and redirects visitors to other (likely untrustworthy/harmful) sites. Most users access webpages like finishupworld[.]com via redirects caused by sites that us