Lostdata is ransomware that encrypts files, replaces their names with an email address and a string of random characters, and appends the ".cbf" extension to filenames. Also, Lostdata changes the desktop wallpaper (with a short ransom note on it). Our malware researchers discovered Lostdata ransom
While investigating questionable sites, our researchers found the lundiapoditing[.]com rogue webpage. It is designed to push browser notification spam and redirect visitors to different (likely unreliable or malicious) websites. Lundiapoditing[.]com and similar pages are most commonly entered thr
During a routine investigation of untrustworthy websites, our research team discovered the news-zedege[.]cc rogue page. It attempts to trick visitors into enabling it to deliver spam browser notifications. News-zedege[.]cc can also cause redirects to other (likely unreliable/malicious) sites. Mos
Pc-protections[.]com is a rogue webpage that we discovered while inspecting questionable sites. It is designed to promote online scams and spam browser notifications. Additionally, this page can redirect visitors to other (likely untrustworthy/harmful) websites. Users typically enter webpages lik
After installing and testing the InitialMethod application, our team learned that it is a useless app that functions as adware. The purpose of InitialMethod is to display intrusive advertisements. We discovered this advertising-supported app while inspecting deceptive pages encouraging visitors
ScanBox is the name of malware delivered via malicious websites masquerading as legitimate Australian news websites. Cybercriminals behind it target Australian Government agencies, news media organizations, and global energy and manufacturing sectors. Websites used to distribute ScanBox are sent v
Tonit[.]click is a rogue webpage that our researchers discovered during a routine inspection of suspicious sites. It is designed to load deceptive content, promote browser notification spam, and redirect visitors to other (likely untrustworthy/harmful) websites. Most users typically access such si
While inspecting suspicious websites, our researchers found one promoting the Screen Recorder browser extension. It is presented as a tool capable of recording the screen. However, our analysis revealed that Screen Recorder operates as adware instead. Adware stands for advertising-supporte
After analyzing the AssessmentBranded application (which we downloaded from a deceptive website), our team learned that it shows intrusive advertisements. Therefore, we classified AssessmentBranded as adware. Also, this app can read sensitive information. It is strongly recommended not to instal
JiangLocker is a piece of malicious software categorized as ransomware. It is designed to encrypt data and demand ransoms for the decryption. After we launched a sample of JiangLocker on our test system, it began encrypting files and appended their filenames with a ".jiang" extension. For example