Bec is the name of a new Sojusz ransomware variant. After examining this variant, we found that it encrypts files, appends a string of random characters, the beacon@jitjat.org email address, and ".bec" extension to filenames. It also creates the "!!!HOW_TO_DECRYPT!!!.txt" file that contains a rans
Flskon[.]click is an untrustworthy website that runs a scam similar to "Dear [ISP name] user, Congratulations!" and asks for permission to show notifications. We discovered this site while examining various illegal movie streaming pages and torrent sites (and other pages that use rogue advertising
Our team has discovered the Dark-View browser extension on a deceptive website claiming that it might be required to install this app (for an unspecified reason). We have examined Dark-View and found that it is an advertising-supported application - it generates unwanted advertisements. Ty
F5Z8A is the name of a ransomware variant that we have discovered while analyzing malware samples submitted to the VirusTotal page. It was found that F5Z8A encrypts files and appends the ".F5Z8A" extension to filenames. It also generates a ransom note (the "@@@ To Restore Your Files.txt" file) con
Gooddaywith-captcha[.]top is a deceptive website that shows a fake CAPTCHA to trick visitors into allowing it to show notifications. Also, this page redirects to other untrustworthy websites. Our team has discovered gooddaywith-captcha[.]top while inspecting sites that use rogue advertising networ
After examining this email, we concluded that it is a phishing email used to trick recipients into providing their email account login credentials. It is disguised as a letter from an email service provider regarding some new policy. It contains a website link designed to open a deceptive page.
We have discovered the desktopnotificationshub[.]com page while examining other sites (illegal movie streaming, torrent, and similar pages) that use shady advertising networks. We found that desktopnotificationshub[.]com uses a clickbait technique to get permission to show notifications. It also r
Lightning Stealer is a piece of malware discovered by 3xp0rt. This stealer targets Steam, Telegram, Discord, and cryptocurrency wallet data, passwords, and cookies. It has its administration panel created to manage data logs. Lightning Stealer is sold for 300 rubles for a week, 500 rubles for a mo
We have discovered the reminderapp[.]store site while examining various shady websites that use rogue advertising networks. We found that it runs various scams that use scare tactics to trick visitors into downloading a certain application and displays other questionable content. Thus, remindera
Udla is ransomware that belongs to a ransomware family called Djvu. Our team has discovered the Udla ransomware variant while examining the samples submitted to VirusTotal. After analyzing it, we found that it encrypts files, appends the ".udla" extension to filenames, and creates the "_readme.txt