While examining malware samples submitted to the VirusTotal website, we discovered Nitro22 ransomware - malware that encrypts files to blackmail victims. Also, Nitro22 changes the desktop wallpaper and creates a ransom note (the "#Decryption#.txt" file), and appends the ".nitro" extension to filen
Our research team discovered the Vvwq ransomware-type program during a routine inspection of new submissions to VirusTotal. This malicious program belongs to the Djvu ransomware family. We executed a sample of Vvwq ransomware on our testing system, and it began encrypting files. The filenames of
CacheOptimization is an advertising-supported application that displays annoying advertisements. It has no useful features or provides other value. Our team discovered CacheOptimization after examining a fake installer downloaded from a shady page. Like most apps of this kind, CacheOptimization
Vveo is ransomware designed to encrypt files, append the ".vveo" extension to filenames, and drop the "_readme.txt" file (a ransom note). We found that Vveo is part of the Djvu ransomware family. Our team discovered this ransomware while analyzing malware samples submitted to the VirusTotal websit
Vvew is ransomware belonging to the Djvu family. Our team discovered it while checking VirusTotal for recently submitted malware samples. We found that Vvew appends the ".vvew" extension to filenames and creates the "_readme.txt" file containing contact and payment information. An example of how
While checking out dubious sites that promote software, our researchers found the Background Colors browser extension. It is presented as a tool capable of changing website background colors. However, after analyzing Background Colors, we learned that instead of working as advertised - this extens
Our research team discovered the AnalyzerState rogue application during a routine inspection of new submissions to VirusTotal. After analyzing this piece of software, we determined that it operates as adware. Furthermore, we learned that AnalyzerState belongs to the AdLoad malware family.
Captcha4you[.]top is a rogue site designed to trick visitors into allowing it to deliver browser notification spam. Additionally, this webpage is capable of redirecting users to other (likely dubious/malicious) websites. Our researchers discovered captcha4you[.]top while inspecting sites that use
Arai is a ransomware-type program that our research team discovered while inspecting new malware submissions to VirusTotal. After launching a sample of this ransomware on our test machine, Arai encrypted data and created a note demanding a ransom for the decryption. The names of the encrypted fil
Politicosta[.]biz is one of the many websites that use clickbait techniques to trick visitors into allowing them to show notifications. We encountered this site while inspecting other pages that use rogue advertising networks. One more reason not to visit/trust politicosta[.]biz is that it can red