During our routine check on malware samples submitted to the VirusTotal page, we discovered a new ransomware variant (that belongs to the Spora family) called FreedomTeam. We found that it encrypts files, appends the victim's ID, freedomteam@mail.ee email address, and a string of random characters
BTC is the name of a malicious program belonging to the VoidCrypt ransomware family. Our research team discovered this ransomware-type program while inspecting new submissions to VirusTotal. After executing a sample of BTC (VoidCrypt) ransomware on our test system, we learned that it encrypts fil
While inspecting untrustworthy pages, our team discovered an advertising-supported application called DigitalFile. After examination, we concluded that the purpose of DigitalFile is to display annoying (and untrustworthy) advertisements. It is highly advisable not to have this app installed on t
Notfcompreviews[.]com is a website that displays deceptive content (uses a clickbait technique) to trick visitors into agreeing to receive notifications from it. It is uncommon for such pages to be visited intentionally. Our team has discovered notfcompreviews[.]com while examining pages that use
Fdcv is ransomware that encrypts files and appends the ".fdcv" extension to filenames. Also, it creates a text file ("_readme.txt") that contains a ransom note. Our malware researchers have discovered Fdcv while analyzing the samples submitted to the VirusTotal website. They also found that Fdcv b
Our research team found the solidprotectionspc[.]com rogue webpage while inspecting unreliable sites. This page operates by promoting deceptive content, pushing browsing notification spam, and redirecting visitors to other (likely untrustworthy/malicious) websites. Users typically enter these web
While inspecting new malware submissions to VirusTotal, our researchers found a new malicious program called TURKEY, which is based on Chaos ransomware. We acquired a sample from VirusTotal and launched it onto our test system. We learned that the TURKEY ransomware encrypts files and appends thei
PowerShell RAT is the name of a Remote Access Trojan (RAT) written in PowerShell. The term PowerShell refers to a Microsoft Windows program designed for task automation and configuration management (i.e., product functionality, performance, and attribute establishment and maintenance). The trojan
During our routine malware research, we discovered an information stealer called SaintStealer. We found that this information-stealing malware targets credentials and system information. All gathered information is sent to a Command and Control server. SaintStealer is written in the C# programming
Webnotificationservices[.]com is a rogue webpage that our research team discovered while inspecting untrustworthy sites. It is designed to push browser notification spam and redirect visitors to other (likely unreliable/malicious) websites. Most users enter such webpages via redirects caused by si