Jawr is ransomware that has been discovered during analysis of samples submitted to VirusTotal. Once on the system, Jawr encrypts files, adds the ".jawr" extension to filenames, and leaves a ransom note ("_readme.txt"). An example of how files encrypted by Jawr are renamed: "1.jpg" is changed to "
In the course of our review, it has been identified that messenger-rocks[.]com uses clickbait to lure visitors into allowing it to send notifications. Also, messenger-rocks[.]com can redirect visitors to other dubious websites. It is worth noting that pages like messenger-rocks[.]com are promoted
Our research team found the Overbright application while investigating submissions to the VirusTotal platform. After examining this app, we determined that it is advertising-supported software (adware). It is pertinent to mention that Overbright belongs to the Pirrit adware family. Adwar
Searchmylinks[.]com is a rogue page that runs scams and promotes spam browser notifications. It can also redirect visitors to other (likely dubious/malicious) websites. Most users enter these webpages via redirects caused by sites utilizing rogue advertising networks. Our researchers discovered s
While inspecting new submissions to VirusTotal, our research team discovered the Ravenwise app. Following our analysis, we determined that this application is advertising-supported software. Additionally, we learned that Ravenwise is part of the Pirrit adware family. Adware operates by r
Atechny is a rogue app discovered by our research team during a routine investigation of new file submissions to the VirusTotal website. After analyzing this piece of software, we determined that it is adware belonging to the Pirrit family. Atechny operates by running intrusive advertisement cam
Upon inspection of "McAfee - You Might Recently Browsed To Compromised Websites" – we determined that it is a scam. It claims that the user's device may have been infected through potentially visited malicious websites. These claims are false, and they are in no way associated with any legitimate
Suidae is a malicious extension that has been discovered during an examination of an installer obtained from an unreliable web page. Suidae has several capabilities, such as enabling the "Managed by your organization" feature in Chrome and Edge browsers, accessing various data, and managing themes
RedProtection is a ransomware-type program that our researchers discovered while inspecting new submissions to the VirusTotal platform. Malware, categorized as such, is designed to encrypt data and demand payment for the decryption. Once we executed a sample of RedProtection on our test machine,
Upon examining the "Chainlink Treasury Airdrop Event", our investigation has exposed it as a fraudulent scheme designed to obtain sensitive information with the intention of financial exploitation. Usually, such scams are promoted via email, social media platforms, deceptive ads, and unreliable we