After investigating the "Netflix - Update Your Account Information" email, we determined that it is spam. The letter is presented as a notification from Netflix alerting the recipient that their account risks suspension. This email promotes a phishing website targeting log-in credentials and/or ot
Danger Siker is ransomware that has been discovered during the examination of malware samples uploaded to VirusTotal. Once executed on a computer, Danger Siker encrypts files, changes the desktop wallpaper, and creates the "mesajin_var_amcik.txt" file (a ransom note). Danger Siker appends the ".D
Our examination of news-gacive[.]cc has revealed that this page employs a clickbait technique to entice visitors into consenting to receive notifications. It is important to highlight that websites like news-gacive[.]cc are frequently crafted to redirect users to other questionable sites. Also, us
Vare is the name of a NodeJS-based malware that exhibits an ability to circumvent both runtime and scantime antivirus detection. This malicious software operates with full discretion, remaining entirely undetectable while targeting popular platforms such as Discord and Roblox and acting as a brows
While investigating new submissions to the VirusTotal website, our research team discovered the Vx-underground ransomware. It must be mentioned that this malicious program is not associated with vx-underground – a collection of malware source code, samples, and papers on the Internet. The Vx-unde
The TaraxacumOfficinale extension has been flagged as harmful due to its distribution via a malicious installer. TaraxacumOfficinale can enable the "Managed by your organization" setting, access different types of information, and monitor and manage other extensions and themes in Chrome browsers.
After scrutinizing the page, it has been identified that it exhibits deceptive content and prompts users for permission to display notifications. Furthermore, placugceofres[.]info redirects users to other dubious websites. It is noteworthy that users do not intentionally access pages like placugce
After examining the NanoSet application, we have identified its main objective: spreading intrusive advertisements. This classifies NanoSet as an advertising-supported app. Apart from merely showcasing ads, NanoSet might also gather various types of information. Further eroding trust in NanoSet
Our team has discovered a new Djvu ransomware variant dubbed Iicc. This revelation emerged through the analysis of samples submitted to VirusTotal. We found that Iicc is a typical ransomware: it encrypts files, modifies filenames (adds the ".iicc" extension), and leaves a ransom note ("_readme.txt
Our research team found the CapacityHour adware-type application during a routine inspection of new submissions to the VirusTotal website. It is part of the AdLoad malware family. This app is designed to run intrusive advertisement campaigns. CapacityHour displays ads that promote deceptive and