Polizia Di Stato is the ransomware that we discovered while analyzing samples submitted to VirusTotal. While testing this ransomware variant, we have learned that it encrypts files, appends the ".polizia" extension to filenames (for instance, renames "1.jpg" to "1.jpg.polizia", "2.jpg" to "2.jpg.p
After installing this suspicious browser extension, our researchers classified Test Certificate as adware. While this piece of software claims to provide the service of easy website verification, it operates by running intrusive advertisement campaigns instead. Our research also revealed that Test
Louses[.]net is a deceptive website that has been discovered by our malware researchers while visiting several torrent sites and illegal video streaming websites. At the time of the research, louses[.]net displayed a fake CAPTCHA and redirected to a virtually identical page (maxy-tax[.]com).
During a routine exploration of questionable websites, our researchers detected windows-secureit[.]com - a page that promotes the "McAfee - Your PC is infected with 5 viruses!" scam. This site also pushes its browser notifications and can redirect visitors to other unreliable/malicious webpages.
PreviewInteractive is the name of adware that we have discovered on a deceptive website that displayed a fake notification suggesting that Adobe Flash Player is out of date. Once we executed a fake installer, it installed PreviewInteractive - an application that started displaying unwanted ads a
Our researchers identified a new address - topraw[.]net - used for browser notification spam. At the time of research, this site pushed its notifications and promoted other untrustworthy/malicious websites. Pages of this kind are typically accessed via others that use rogue advertising networks, w
First analyzed by Microsoft Threat Intelligence Center (MSTIC), WhisperGate was detected on January 13, 2022. According to MSTIC's report, this malware was released explicitly against various Ukrainian organizations in geopolitically-motivated attacks. WhisperGate is a ransomware-type program. Us
We have discovered raymarine[.]top after receiving spam with the website URL in the email. Once we opened raymarine[.]top, it displayed a deceptive message suggesting that it is necessary to agree to receive notifications to download/stream a video. At the time of testing, raymarine[.]top
Duty-Search is a rogue browser extension, which our researchers have determined to be a browser hijacker. On our test system, it modified browser settings to promote the duty-search.xyz fake search engine. Duty-Search sets its search engine as browser's default, and their homepage and new
Dark Viewer is a rogue browser extension, one of the many we have noticed promising to create a dark mode for websites that do not have this feature. Our researchers have observed this software delivering various advertisements; in other words, Dark Viewer exhibits behavior typical for adware.