Newexploit is the name of a ransomware-type program, which our researchers have sampled from VirusTotal. Once launched on our test machine, Newexploit encrypted files and appended their filenames with a ".exploit" extension. For example, a file initially named "1.jpg" afterwards looked like "1.jpg
We have spotted the Digital Info extension on a shady website offering to update an installed extension. After adding this app to the Chrome browser and testing it, we have learned that it generates advertisements. Therefore, we have categorized this app as advertising-supported software.
After analyzing this email, we have discovered that it is a phishing email (it contains a link to a phishing website). Scammers behind it attempt to trick recipients into providing personal information such as email addresses and passwords required to access Microsoft and possibly other accounts.
While investigating rogue websites, our researchers discovered that theironnews[.]site is an untrustworthy page designed to promote spam browser notifications. It can also redirect visitors to other unreliable and dangerous sites. Most users access webpages like theironnews[.]site via others using
Our team has inspected this email and concluded that it is part of a malicious spam campaign. Cybercriminals use it to distribute Agent Tesla - a Remote Administration Trojan. Their goal is to trick recipients into executing a file extracted from the malicious attachment (archive file). We
Our research team discovered CheckControl on new VirusTotal submissions. After launching this app on our test system, we found that CheckControl is an adware-type application belonging to the AdLoad malware family. Adware operates by enabling the placement of advertisements on sites visi
Found by our research team among new VirusTotal submissions, Xyz is a piece of malicious software within the ransomware classification. During analysis, we discovered that this ransomware encrypts data and renames the affected files. On our test system, it appended the encrypted files with a ".xy
Bbbw is the name of yet another malicious program belonging to the Djvu ransomware family, which we have detected when reviewing new submissions to VirusTotal. Ransomware is designed to encrypt data and demand payment for the decryption; Bbbw is not an exception. Once launched on our test machine
CABP is ransomware that our team has discovered while analyzing malware samples submitted to VirusTotal. We found that it encrypts and renames (by appending the ".CABPRANSOM_ENCRYPTED" extension) files and displays a pop-up window containing a ransom note. The CABP ransomware was first discovered
Our malware researchers have discovered the Maiv ransomware while analyzing malware samples recently submitted to VirusTotal. After testing the ransomware, we have learned that it belongs to the Djvu family. Maiv has three key qualities: it encrypts files, appends the ".maiv" extension to filename