We have discovered a ransomware variant called Chernobyl belonging to the Babuk family while examining malware samples submitted to VirusTotal. It was found that this variant encrypts files, appends the ".chernobyl" extension to their filenames, and creates a text file named "Restore Your Files.tx
Our team has discovered a ransomware variant called Eyrv while analyzing the samples submitted to VirusTotal. The purpose of Eyrv ransomware is to encrypt files. It also appends the ".eyrv" extension to filenames (for example, it renames ("1.jpg" to "1.jpg.eyrv", "2.png" to "2.png. eyrv"), and cre
Update-ready[.]com is a rogue webpage designed to promote browser notification spam and redirect visitors to other (likely untrustworthy/malicious) sites. We discovered this page during a routine inspection of shady sites. Users access websites of this type inadvertently. Most enter them via redi
Blaze is a piece of malicious software categorized as ransomware. Our researchers found it during a routine inspection of new malware submissions to VirusTotal. We have determined that this program belongs to the Babuk ransomware family. After being launched onto our test system, Blaze began encr
During a routine inspection of shady websites, our researchers found the funksolutions[.]org page. It operates by pushing browser notification spam and redirecting visitors to other (likely unreliable/malicious) sites. Webpages like funksolutions[.]org are usually accessed via redirects caused by
Notadsnow[.]com is yet another browser notification spam promoting webpage that our researchers discovered. This site is designed to trick visitors into enabling its browser notifications, and it can also redirect them to other (likely untrustworthy or malicious) pages. Most users access websites
We have discovered the checkpcsecurity[.]com page while examining other sites that use rogue advertising networks. After analyzing checkpcsecurity[.]com, we found that it is virtually to "McAfee - Your PC is infected with 5 viruses!" scam website. Additionally, it asks for permission to show shady
Our team has discovered a TargetCompany ransomware variant called Avast (named after Avast cybersecurity software company) while examining the samples submitted to VirusTotal. Avast's developers have created a decryption tool for other variants of the TargetCompany ransomware. Cybercriminals behin
Our team has discovered an application called YourCouponSearch while examining shady websites. After installing this app, we noticed that it changed the web browser's settings. It hijacked a web browser to promote yourcouponsearch.com - a fake search engine. Browser hijackers and fake search engin
Our researchers found the ByteDefender ransomware-type program (not to be confused with the legitimate Bitdefender anti-virus software) while inspecting new malware submissions on VirusTotal. It is designed to encrypt data and make ransom demands for the decryption. Once launched on our test mach