RozbehOfSatan is the name of a ransomware-type program. It is a new variant of the Rozbeh ransomware. After executing a sample of RozbehOfSatan on our test system, it encrypted files and created a ransom note. Typically, ransomware renames the affected files, but that is not to case with RozbehOf
Our team has spotted the TextBoard application while inspecting samples submitted to the VirusTotal website. After examination, we learned that the purpose of TextBoard is to display various advertisements. Thus, we classified this application as adware. Typically, users install software of this
Togo Tab is a rogue browser extension that we found while inspecting dubious download webpages. We determined that this piece of software operates as a browser hijacker. It modifies browsers and promotes the togosearching.com illegitimate search engine. Browser hijackers make specific chan
While inspecting untrustworthy download webpages, our research team discovered the Top Search browser extension. Our analysis of this extension revealed that it operates as browser-hijacking software and promotes the search.tops-searchs.com fake search engine. After we installed Top Search
LockBit 3.0 (also known as LockBit Black) is a new variant of the LockBit ransomware. It encrypts files, modifies their filenames, changes the desktop wallpaper, and drops a text file (named "[random_string].README.txt") on the desktop. LockBit 3.0 replaces the name of the file and its extension w
Ghsd is ransomware, a form of malware designed to encrypt files. We discovered it while examining the samples submitted to VirusTotal. Ghsd is part of the Djvu ransomware family. It not only encrypts but also renames files (by appending the ".ghsd" extension to filenames) and drops the "_readme.tx
While inspecting recent malware submissions to VirusTotal, our researchers discovered a new variant of Sojusz ransomware called Ner. We analyzed a sample of this ransomware by executing it on our test machine. Ner encrypted files and modified their filenames. Original titles were appended with a
While examining deceptive websites encouraging to download a fake Adobe Flash Player installer, we found an application called ObsessionScript. After testing the app, our team learned that it functions as adware - it feeds users with annoying advertisements. Clicking on advertisements di
While examining questionable pages, our team discovered an application called Easy Search. We found that this app promotes the search.easy-searchs.com address. It does so by hijacking a web browser (by changing its settings). We also found that search.easy-searchs.com is a fake search engine.
While inspecting dubious download webpages, our researchers discovered the Dark Mode Online browser extension. After analyzing Dark Mode Online, we determined that it operates as advertising-supported software (adware). Adware is designed to display advertisements on visited sites and/or o