Ransom Cartel is ransomware that blocks access to files by encrypting them and appends five random characters to filenames. It also creates a text file (named "[extension]-readme.txt") containing a ransom note. Ransom Cartel is similar to another ransomware called Sodinokibi. An example of how Ra
Systemopc[.]xyz is an untrustworthy page running the "McAfee - Your PC is infected with 5 viruses!" scam. Our team has discovered this site while inspecting other websites that use rogue advertising networks. The purpose of systemopc[.]xyz is to fraudulently promote legitimate software and receive
EmpireFocus is a piece of rogue software that our research team found while inspecting new submissions to VirusTotal. After analyzing this app, we determined that it operates as adware and belongs to the AdLoad malware family. Advertising-supported software is designed to display adverti
After examining the email, our team has concluded that it is a phishing email containing a link that opens a deceptive page. The purpose of this email is to trick recipients into providing sensitive information. It is disguised as a letter regarding some final report. Scammers behind this
Our researchers discovered the Baal ransomware while inspecting new submissions to VirusTotal. This malicious program is part of the Makop ransomware family. Once a sample of Baal was launched on our test system, this ransomware encrypted files and altered their filenames. The titles of affected
Computeradsnetwork[.]com is a rogue webpage that our researchers found while checking out untrustworthy sites. It operates by promoting spam browser notifications and redirecting visitors to different (likely unreliable/malicious) websites. Users typically enter pages like computeradsnetwork[.]co
Rootxwolf is the name ransomware based on another ransomware called Chaos. We have discovered Rootxwolf during our analysis of malware samples submitted to the VirusTotal site. This malware encrypts files, modifies their filenames, creates the "read_it.txt" file (a ransom note), and changes the de
Onlinehelptutorials[.]com is a rogue webpage that our researchers discovered while inspecting untrustworthy sites. This page is designed to promote online scams, push browser notification spam, and redirect visitors to different (likely unreliable/malicious) websites. Users typically access onlin
Revive is the name of a banking Trojan targeting Android users (customers of a specific Spanish bank). It steals sensitive information. Cybercriminals use Revive to take ownership of online accounts using stolen login credentials. This malware abuses Accessibility Services to perform malicious act
While looking through new submissions to VirusTotal, our research team found the HybridSpace application. After inspecting this piece of software, we determined that it is adware belonging to the AdLoad malware family. Advertising-supported software operates by enabling the placement of