Meduza is a ransomware variant (belonging to the MedusaLocker family) that has been discovered during analysis of malware samples submitted to the VirusTotal page. The purpose of Meduza is to encrypt files. Also, it appends its extension (".meduza24" or similar) to filenames and creates a ransom n
After reviewing this email, it has come to our attention that it is a fraudulent message falsely claiming to be from Microsoft. The scammers behind this scam are trying to deceive recipients by claiming they have won a large amount of money. Their objective is to entice recipients to share persona
While analyzing malware samples uploaded to VirusTotal, we encountered Mzre, a ransomware variant linked to the Djvu family. Mzre encrypts files, appends the ".mzre" extension to their filenames, and generates a ransom note ("_readme.txt"). An illustration of how Mzre alters filenames involves ch
While scrutinizing the Go Blocker browser extension, we observed its tendency to showcase bothersome advertisements, which categorizes it as adware. Additionally, Go Blocker possesses the capability to access and modify various data. As a result, users are advised not to place trust in this applic
Fetchzilla is an adware-type browser extension that our researchers discovered while investigating suspicious websites. It is promoted as a tool that simplifies media (e.g., image) download off the Web. However, this extension runs intrusive advertisements instead. In other words, Fetchzilla feeds
Literature News on New Tab is a browser extension that promises easy access to the latest news on literature. Our inspection of this extension revealed that it is browser-hijacking software. Literature News on New Tab modifies browser settings to generate redirects. Browser hijackers reass
Our research team found the ProgramProcessor app during a routine check on new file submissions to the VirusTotal site. After inspecting this application, we determined that it is advertising-supported software (adware). ProgramProcessor is part of the AdLoad malware family. Adware gener
Animated BG is a rogue extension that displays animated browser wallpapers. Our analysis of this piece of software revealed that it is a browser hijacker. It makes alterations to browser settings in order to promote (via redirects) the search.animatedbg-tab.com fake search engine. Typicall
Our research team discovered a ransomware-type program called Got while investigating new submissions to the VirusTotal platform. This malicious program belongs to the Xorist ransomware family. Got malware is designed to encrypt data and demand payment for its decryption. On our test system, this
In our examination of malware samples using the VirusTotal platform, we encountered a ransomware variant identified as Mzqt. This ransomware employs file encryption to limit access to files and adds the ".mzqt" extension to file names. Additionally, it generates a ransom note named "_readme.txt".