Sdhvqq is the name of a ransomware-type program that our research team found while inspecting new submissions to VirusTotal. We learned that this program is part of the Snatch ransomware group. We tested Sdhvqq by executing a sample on our test machine, and the ransomware began encrypting files a
Ust29 is ransomware belonging to the Dharma family. Our malware researchers have discovered it while examining samples submitted to the VirusTotal page. It was found that Ust29 encrypts files and appends the victim's ID, ust29@aol.com email address, and ".ust29" extension to filenames. It provides
Notificationscity[.]com is a rogue webpage designed to deceive visitors into allowing it to deliver browser notification spam. Additionally, this page is capable of causing redirects to other (likely untrustworthy or malicious) sites. We discovered notificationscity[.]com while inspecting shady we
"Trezor email scam" refers to emails regarding a data breach of Trezor's administrative servers. It must be emphasized that these letters are fake, and they are not associated with Trezor - the legitimate hardware cryptocurrency wallet. After analyzing an email belonging to this spam campaign, we
We have analyzed this email and found that it is used to deliver a remote administration Trojan called njRat. Cybercriminals behind this campaign pretend to be DHL - a legitimate logistics company. Their goal is to trick recipients into opening a malicious attachment. The letter is disguis
HOUSELOCKER is ransomware discovered by MalwareHunterTeam. This malware damages the Master Boot Record (MBR) to prevent victims from accessing the operating system. It also restarts the operating system and then displays a ransom note. Screenshot of the ransom note displayed after Windows rest
Gilfillan is the name of a malicious program categorized as ransomware, which belongs to the VoidCrypt malware family. After launching a sample obtained from VirusTotal onto our test system, Gilfillan began encrypting files and appended their filenames with a unique ID, the cyber criminals' email
We have discovered ovinspecutions[.]com while analyzing websites that use shady advertising networks (e.g., torrent sites, illegal movie streaming pages). After testing the ovinspecutions[.]com, we learned that it uses a clickbait technique to get permission to show notifications and redirects to
µ-2246-digits-of-pi is the name or ransomware, a new variant of the DeezNuts Crypter ransomware. We have discovered this variant while examining malware samples submitted to VirusTotal. It was found that µ-2246-digits-of-pi encrypts files and inserts its name in their filenames. This ransom note p
While inspecting dubious sites, our research team discovered expressedsupply[.]com. This rogue webpage loads deceptive content, promotes browser notification spam, and causes redirects to other (likely untrustworthy/malicious) websites. Visitors to such sites typically access them via others that