While checking out dubious webpages, our researchers discovered jigisup[.]xyz. This site is designed to promote deceptive material, push browser notification spam, and redirect users to different (likely unreliable/dangerous) websites. Visitors to jigisup[.]xyz and similar pages typically access
Our research team discovered the fynbest[.]com rogue page during a routine investigation of untrustworthy websites. It is designed to push browser notification spam. Ffynbest[.]com uses fake CAPTCHA for this purpose. Additionally, this site is capable of redirecting visitors to other (likely unrel
Rar1 is ransomware that encrypts files, renames them (by replacing their names with a random string of characters and appending the ".rar1" extension to filenames), and creates the "READ_TO_DECRYPT.txt" file containing a ransom note. An example of how files encrypted by Rar1 are renamed: "1.jpg"
Lumma is a piece of malicious software categorized as a stealer. Malware within this category is designed to steal sensitive data. These programs are capable of exfiltrating data from infected systems and the applications installed onto them. The threats posed by stealers can be extensive and depe
Newzsystems[.]com is a deceptive web page that uses a clickbait technique to trick visitors into agreeing to receive notifications. Also, it redirects to a virtually identical site. Our team came across newzsystems[.]com while inspecting pages that use rogue advertising networks. Newzsyste
Our researchers discovered the Angry ransomware during a routine inspection of new submissions to VirusTotal. This program is part of the VoidCrypt ransomware family. On our test system, Angry ransomware encrypted files and altered their filenames. The titles of the affected files were appended w
Findsmartresults.com is a shady search engine that generates misleading results. We discovered it after downloading and adding a browser-hijacking application (extension) to a web browser. That application promotes findsmartresults.com by manipulating the settings of a web browser. Browser
Sex is the name of ransomware based on another ransomware called Chaos. We discovered this ransomware while inspecting malware samples submitted to the VirusTotal website. The purpose of this malware is to encrypt files. Also, Sex appends the ".sex" extension to filenames and drops the "read_it.tx
My Keypro is the name of a rogue browser extension. Our analysis of this piece of software revealed that it operates as a browser hijacker promoting the keysearchs.com fake search engine. Additionally, My Keypro gathers private information. Browser hijackers reassign browsers' default sear
RShell refers to a backdoor-type malware targeting Mac Operating Systems (macOS). Malicious software within this classification can execute commands and is typically used to collect data and infect systems with additional malware. RShell is infiltrated into macOS by trojanized the Chinese-langu