When looking into new submissions on VirusTotal, our researchers found another malicious program belonging to the Dharma ransomware family - called Bl. Once executed on our test system, this ransomware encrypted files and changed their names. Affected files were retitled according to this pattern
Shortcuts is a rogue app, promoted as an easy-access (shortcut) tool to various applications like Netflix, Amazon, CNN, Facebook, calculator, etc. After downloading and launching a sample on our testing machine, we observed this piece of software operating as adware. Our researchers noted
Easy Search is the name of a rogue browser extension, which we have recently discovered. Our researchers have determined this dubious piece of software to be a browser hijacker, promoting the blpsearch.com fake search engine. After being installed onto our test system, the Easy Search brow
Yourdadgone is the name of a ransomware-type program we found when reviewing the newest malware submissions on VirusTotal. On our test machine, this ransomware encrypted files and appended their filenames with a ".yourdadgone" extension. For example, a file like "1.jpg" appeared as "1.jpg.yourdad
When inspecting rogue and deceptive websites, our researchers discovered yet another cryptocurrency giveaway scam. "NASA ETH and BTC Giveaway" is presented as a cryptocurrency mass-adoption scheme. Users are urged to transfer a certain amount of either Ethereum (ETH) or Bitcoin (BTC) cryptocurrenc
Our team has examined the listentoyoutube[.]cc page and concluded that this page offers to convert YouTube videos to MP3 files (while downloading videos from YouTube is a breach of YouTube's Terms of Service), uses rogue advertising networks, and promotes a questionable application. At the
We have tested the Mxpww ransomware and learned that it encrypts files, appends a string of random characters and the ".mxpww" extension to filenames, and creates the "5Fw6_HOW_TO_DECRYPT.txt" file (a ransom note). An example of how Mxpww encrypts files is provided below. Mxpww renames "1.jpg" to
Bio Diversity is a browser extension promoted as a tool for easy access to the largest biodiversity-centered library/archive. Instead, after testing it, we learned that Bio Diversity operates as advertising-supported software (adware). On our test system, Bio Diversity displayed various ad
best darker is the name of a browser hijacker that we have discovered while visiting a deceptive website. After analyzing this application, we found that it hijacks a web browser by changing its settings to ssepm.com - a fake search engine. During the research, we noticed that best darker also cou
SchedulerSkyLoad is another of our researchers' finds detected on VirusTotal. It is an adware-type application from the AdLoad malware family. Once installed onto our test system, SchedulerSkyLoad began displaying various ads. It is pertinent to mention that adware can require certain co