While examining the samples submitted to VirusTotal, our malware researchers have discovered a new ransomware belonging to the Djvu ransomware family called Efvc. It encrypts files, appends its extension to filenames (".efvc"), and creates the "_readme.txt" file containing a ransom note. An examp
Hkgt is ransomware that encrypts files, appends the ".hkgt" extension to filenames, and creates a text file ("_readme.txt") containing contact and payment information. Files encrypted by Hkgt cannot be opened. Threat actors behind Hkgt demand payment in return for a decryption tool. Our team disc
Securedevicesolutions[.]com is a rogue webpage that our researchers discovered while inspecting untrustworthy sites. It is designed to promote deceptive material, push browser notification spam, and cause redirects to other (likely questionable/malicious) pages. Most users enter websites like sec
Our researchers discovered the Grt ransomware during a routine inspection of new submissions to VirusTotal. We determined that this malicious program belongs to the Phobos ransomware family. Once launched on our test system, this program encrypted files and renamed them. The filenames of affected
While inspecting rogue webpages, our research team discovered the "Loyalty Program" scam. It makes false claims about users having a chance of winning a prize by completing a survey. It must be emphasized that the promised gift is fake, and any legitimate entities mentioned in this scam are in no
While inspecting dubious download webpages, our researchers found the Broom Cleaner application. It is promoted as a tool for improving system performance by removing junk content and protecting user privacy. The deceptive installer of Broom Cleaner installed its activated version onto our test m
Judging by the app's interface, I-Record is supposed to record the screen using the selected video format. Our team has discovered I-Record after completing an installation of a software bundle downloaded from a shady web page. It is highly advisable not to install apps included in deceptive insta
While looking through untrustworthy websites, our research team found the robustwebsecurity[.]com rogue page. It operates by promoting scams, pushing browser notification spam, and redirecting visitors to other (likely unreliable/dangerous) sites. Webpages like robustwebsecurity[.]com are typical
Ads Skipping Over is a rogue browser extension that our researchers found while inspecting deceptive software-promoting websites. This extension is endorsed as a Youtube advertisement ad-blocker/ad-skipper. However, after analyzing Ads Skipping Over, we determined that it operates as advertising-s
Magnus is ransomware that our team has discovered while examining malware samples submitted to the VirusTotal page. We found that Magnus encrypts files, appends four random characters to filenames (its extension), changes the desktop wallpaper, and creates the "READMEEEEEE!!!!.txt" file containing