We have analyzed the websiteshove[.]com page and found that it uses a clickbait technique to trick visitors into granting it permission to show untrustworthy notifications and redirects to other websites. Our team has discovered websiteshove[.]com while visiting pages that use rogue advertising ne
On February 23rd, another wave of geopolitically-motivated attacks was observed in Ukraine. This campaign employs HermeticWiper (also known as FoxBlade) - a piece of malicious software designed to wipe (delete) data and render devices using the Windows Operating System (OS) - inoperable. Attacks
Our team has discovered the Jjtt ransomware while checking malware samples submitted to VirusTotal. It was found that Jjtt is part of the Djvu ransomware family. Jjtt encrypts files, appends the ".jjtt" extension to filenames, and creates the "_readme.txt" file. The "_readme.txt" file is a ransom
We have analyzed this email and found that its purpose is to trick recipients into providing email account login credentials on the presented phishing website. This email is disguised as an urgent letter regarding payment status. The email encourages recipients to review the provided invoi
Our researchers found the JS ransomware-type program during a routine inspection of new malware submissions to VirusTotal. After launching a sample on our test machine, we learned that the JS program encrypts files and appends their filenames with a ".JS" extension (not to be confused with the .J
Binwu is ransomware that belongs to a ransomware family called Xorist. Our team has discovered Binwu while examining the samples submitted to VirusTotal. After analyzing this ransomware, we have found that it encrypts files, appends the ".Binwu" extension to filenames, and creates the "КАК РАСШИФР
Emolumentsurvey[.]top is a rogue webpage that we discovered while inspecting untrustworthy sites. It is designed to load dubious content, promote browser notification spam, and redirect visitors to other unreliable/malicious websites. Most users access emolumentsurvey[.]top and similar pages via r
During a routine inspection of untrustworthy websites, our researchers discovered the Best Converter Online browser extension. It is promoted as a tool for easy file format conversion. After analyzing it, we determined that it is a piece of advertising-supported software (adware). Best Con
Profitsurvey[.]top is a shady website that our team has discovered while examining torrent sites, illegal movie streaming pages, and other websites that use rogue advertising networks. We have analyzed profitsurvey[.]top and learned that it asks for permission to show untrustworthy notifications,
We have analyzed this email and found that scammers use it to trick recipients into providing email account login credentials. This email is disguised as a letter from Habib Bank AG Zurich - a Swiss multinational commercial bank. It contains an HTM file asking to verify email to view a payment rec