Session is the name of ransomware belonging to a ransomware family called Makop. We discovered it while analyzing malware samples submitted to VirusTotal. Session ransomware encrypts and renames files and creates a ransom note (the "+README-WARNING+.txt" file). It appends a string of random charac
Our research team discovered the notcomp[.]com rogue webpage while inspecting shady sites. It is designed to push browser notification spam and redirect visitors to other (likely unreliable/malicious) websites. Notcomp[.]com and sites akin to it are rarely accessed intentionally. Most users enter
During a routine inspection of untrustworthy websites, our researchers discovered the yourdesktopdefence[.]com webpage. It promotes scam content, pushes spam browser notifications, and redirects visitors to other (likely unreliable/malicious) sites. Most users enter yourdesktopdefence[.]com and s
While researching dubious download pages, we discovered the flow dark browser extension, which promises to enable dark mode for simple design websites. After analyzing this extension, we determined that this piece of software operates as a browser hijacker that promotes the getsins.com fake search
While inspecting "cracked" software download websites, our research team discovered the "3N7gh7mg4hyxnwGTFUpjHfpZh154Eu7rYD" malware. Malicious programs within this classification are also known as clipboard hijackers, as they are designed to change the data copied into the infected system's clipb
Dating-point[.]top is a deceptive website designed to trick visitors into allowing it to show notifications. Our team has discovered dating-point[.]top while examining other shady websites (e.g., illegal movie streaming, torrent sites) that use questionable advertising networks. It is very uncommo
We have discovered the exclusivedealsfinder[.]com website while inspecting other pages that use rogue advertising networks. Exclusivedealsfinder[.]com runs a fake endorsement for a CBD company and asks for permission to show notifications. It is strongly advisable not to trust this site or agree t
We have examined this email and found that the cybercriminals behind it attempt to trick recipients into executing a malicious file extracted from the attached file. It is disguised as a letter from DHL (a legitimate logistics company) regarding shipping documents that require review. Cybe
SMSSpy refers to a piece of malicious software masquerading as various applications of legitimate e-commerce platforms. This malware aims to obtain victims' online banking credentials and thus gain access to the funds stored in the accounts. At the time we researched SMSSpy, it targeted Malaysian
Sapphire is the name of a cryptocurrency miner. This malware is sold in hacker forums for 75 euros. Sapphire can mine XMR (Monero), ERGO, ETC (Ethereum Classic), and ETH (Ethereum) cryptocurrencies. Additionally, this miner can avoid being detected by Windows Defender, hide from Task Manager and