We discovered entry-system[.]xyz after clicking on a link received via email. While examining the entry-system[.]xyz, we learned that it is a deceptive website designed to trick visitors into allowing it to display notifications. We also found that entry-system[.]xyz can redirect visitors to shady
While analyzing malware samples submitted to VirusTotal, we came across Ransomcrow ransomware. Like any other ransomware, Ransomcrow encrypts files and demands payment in exchange for a decryption tool. Also, it appends the ".encrypted" extension to filenames, creates the "readme.txt" file contain
Our research team discovered the Rkhwhrogq ransomware-type program during a routine inspection of new submissions to VirusTotal. We determined that this program is part of the Snatch ransomware family. After we launched a sample of Rkhwhrogq on our test system, it encrypted files and appended the
While analyzing the Action Colors application, we learned that it is a browser extension that shows intrusive advertisements and can read and change all data on all web pages. Apps that generate unwanted advertisements are classified as adware. We discovered Action Colors on a shady website offeri
CentralGeo is a piece of rogue software. After we installed this app on our test machine, we learned that it operates as adware. CentralGeo runs intrusive advertisement campaigns, and it might cause redirects and collect private data. Additionally, this application is part of the AdLoad malware
Checkmate is the name of a malicious program classified as ransomware. It is designed to encrypt data and demand payment for the decryption. After we executed a sample of Checkmate on our test machine, it encrypted files and appended their filenames with a ".checkmate" extension. For example, a f
While examining malware samples submitted to the VirusTotal website, we discovered Readlockfiles ransomware that encrypts files. Readlockfiles belongs to the MedusaLocker ransomware family. It not only encrypts files but also renames them by appending the ".readlockfiles" extension to filenames an
After examining HorizonElite, we learned that it is a useless application that generates intrusive advertisements. Apps that show ads are classified as adware. We discovered HorizonElite while analyzing deceptive web pages suggesting that installed software is outdated. This app is distributed v
Watch is the name of ransomware belonging to the Dharma ransomware family. Our team discovered Watch while examining malware samples submitted to the VirusTotal site. The purpose of Watch ransomware is to encrypt files. Additionally, it modifies filenames, displays a pop-up window containing a ran
While inspecting dubious software-promoting websites, our researchers discovered the Filmedia browser extension. This piece of software is endorsed as an easy-access tool for movies. It is supposedly capable of providing the appropriate streaming services when users enter a film's title. However,