While checking out suspicious webpages, our researchers found the flowerself[.]xyz rogue site. It promotes spam browser notifications and redirects users to other (likely unreliable/malicious) websites. Visitors to flowerself[.]xyz and pages akin to it - typically access them via redirects caused
The "2022 FIFA Lottery Award" email is spam. Our inspection of a letter belonging to this spam campaign revealed that it operates as a phishing scam. This fake email attempts to extract recipients' private data by claiming they have won a lottery. It must be emphasized that this spam mail is in no
Mmvb is a piece of malicious software categorized as ransomware. Our research team discovered this program during a routine investigation of new submissions to VirusTotal. Mmvb is part of the Djvu ransomware family. Once we executed a sample of this ransomware on our test machine, it began encryp
Our research team discovered yet another ransomware belonging to the Djvu family - called Mmpu, during a routine investigation of new submissions to VirusTotal. Once we launched a sample of Mmpu ransomware on our test machine, it encrypted files and appended them with a ".mmpu" extension. To elab
Icarus is the name of a stealer-type malicious program. It is designed to extract a wide variety of vulnerable data from infected machines. The threats posed by malware of this kind can vary depending on the cyber criminals' goals and the sensitivity of the data stored on victims' devices.
Key Group is a piece of malicious software classified as ransomware. Our researchers discovered this program while inspecting new submissions to VirusTotal. It is noteworthy that Key Group belongs to the Xorist ransomware family. There are two variants of Key Group - hence, encrypted files are ap
CommandAccess is a piece of rogue software that our researchers found while investigating new submissions to VirusTotal. Our analysis of this application revealed that it operates as advertising-supported software (adware). Additionally, we learned that CommandAccess is part of the AdLoad malwar
While inspecting new malware submissions to VirusTotal, our researcher team discovered the CRYPTCAT ransomware-type program. After we launched a sample of CRYPTCAT on our test system, it encrypted files and altered their names. Original filenames were appended with a unique ID assigned to the vic
"Cookie Stuffing Browser Extensions" refers to malicious browser extensions designed to insert affiliate IDs into the Internet cookies of specific websites. We have inspected four such extensions. "AutoBuy Flash Sales, Deals, and Coupons" - with the promised functionality of making automatic purc
Our inspection of the "Declined Debit" email revealed that it is malspam (malicious spam). This letter aims to trick recipients into opening a virulent attachment by claiming that it contains a declined payment note from the sender's bank. Once the file attached to this fake email is opened, it i