NOCT is ransomware that we have discovered during an analysis of samples submitted to VirusTotal. Our inspection shows that NOCT encrypts files, appends the ".NOCT" extension to filenames, changes the desktop wallpaper, and drops a ransom note ("READ_ME.txt"). An example of how NOCT renames files:
During our inspection, we found that manualssearch.com is a fake search engine promoted through an extension, a browser hijacker named Manuals Search. Typically, browser hijacking involves changing the settings within a web browser. Fake search engines and extensions promoting them can expose user
We have reviewed the email and found that it contains a fake message from a bank regarding a business account statement. It is designed to trick users into opening the attached file and entering personal information on the deceptive form. This email should be ignored to avoid privacy risks.
While investigating deceptive sites, our researchers discovered the North Ad-Block browser extension. It is promoted as a free adblocker capable of blocking pop-ups, banners, and other ads on visited websites – including downloading, streaming, and YouTube-to-MP3 sites. However, upon analysis, we
After examining this "View Remittance Details" email, we determined that it is spam. With a finance-themed lure, this message deceives recipients into disclosing private information to a phishing website. It must be emphasized that this scam email is not associated with any legitimate entities.
After reading this "Unclaimed Prize Money" email, we determined that it is spam. This phishing message states that the recipient has almost one million euros in unclaimed prize money and instructs them to provide personal details to initiate the claims process. It must be emphasized that the info
SpecRAT is a malicious program developed in November 2025. It is classified as a RAT (Remote Access Trojan), a type of malware that enables remote access and control over compromised machines. SpecRAT is advertised by its developers as a highly customizable piece of malicious software. Spe
Our analysis of the email has shown that this is a phishing email. It is disguised as a message from EnergyAustralia (a legitimate company in Australia) to appear legitimate and to trick recipients into opening the included website. The goal is to steal personal information that scammers can be mi
NovaStealer is a stealer targeting Mac operating systems. As the classification implies, this malicious program seeks to steal sensitive information from infected devices. NovaStealer aims to obtain data related to cryptocurrency wallets in particular. However, its modular nature could allow oth
Our researchers discovered NotHere while browsing new malware submissions to the VirusTotal platform. We determined that NotHere is a ransomware-type program that encrypts files in order to demand payment for their decryption. After we executed a sample of this ransomware on our testing system, i