Our research team discovered yet another ransomware belonging to the Djvu family - called Mmpu, during a routine investigation of new submissions to VirusTotal. Once we launched a sample of Mmpu ransomware on our test machine, it encrypted files and appended them with a ".mmpu" extension. To elab
Icarus is the name of a stealer-type malicious program. It is designed to extract a wide variety of vulnerable data from infected machines. The threats posed by malware of this kind can vary depending on the cyber criminals' goals and the sensitivity of the data stored on victims' devices.
Key Group is a piece of malicious software classified as ransomware. Our researchers discovered this program while inspecting new submissions to VirusTotal. It is noteworthy that Key Group belongs to the Xorist ransomware family. There are two variants of Key Group - hence, encrypted files are ap
CommandAccess is a piece of rogue software that our researchers found while investigating new submissions to VirusTotal. Our analysis of this application revealed that it operates as advertising-supported software (adware). Additionally, we learned that CommandAccess is part of the AdLoad malwar
While inspecting new malware submissions to VirusTotal, our researcher team discovered the CRYPTCAT ransomware-type program. After we launched a sample of CRYPTCAT on our test system, it encrypted files and altered their names. Original filenames were appended with a unique ID assigned to the vic
"Cookie Stuffing Browser Extensions" refers to malicious browser extensions designed to insert affiliate IDs into the Internet cookies of specific websites. We have inspected four such extensions. "AutoBuy Flash Sales, Deals, and Coupons" - with the promised functionality of making automatic purc
Our inspection of the "Declined Debit" email revealed that it is malspam (malicious spam). This letter aims to trick recipients into opening a virulent attachment by claiming that it contains a declined payment note from the sender's bank. Once the file attached to this fake email is opened, it i
Our research team found the ChipSynergy app during a routine inspection of new submissions to VirusTotal. After analyzing this application, we determined that it is adware belonging to the AdLoad malware family. Adware is designed to enable the placement of advertisements on visited webs
While inspecting new submissions to VirusTotal, we discovered the CHEAPLAMINATE malicious program, which is based on another ransomware called Chaos. Malware within this category operates by encrypting data and demanding ransoms for the decryption. Once we executed a sample of this ransomware on
While inspecting new submissions to VirusTotal, our research team found a ransomware based on Chaos - called PIZZASUCKER. When we executed a sample on our test machine, this ransomware encrypted files and appended their filenames with a ".ICQ@PIZZASUCKER" extension (which is also the attackers' c