DarkRace is ransomware discovered by S!Ri. This malware encrypts files, appends its extension to filenames (".1352FF327"), and creates a text file containing a ransom note ("Readme.1352FF327.txt"). An example of how DarkRace modifies filenames: it renames "1.jpg" to "1.jpg.1352FF327", "2.png" to "
Bastionthree[.]xyz is a rogue webpage designed to endorse browser notification spam and redirect visitors to other (likely unreliable/malicious) sites. Users typically enter pages like bastionthree[.]xyz through redirects generated by websites using rogue advertising networks. Our research team d
Our research team discovered the bestfunllc[.]com rogue page during a routine investigation of untrustworthy websites. The aim of this webpage is to promote browser notification spam and redirect visitors to other (likely dubious/malicious) sites. Users typically enter pages like bestfunllc[.]com
Cute Cats Tab has been identified as rogue software. Upon analysis, it has been determined that Cute Cats Tab functions as a browser hijacker, as it alters browser settings to initiate redirects. Furthermore, this extension probably collects various user data or other information. Thus, Cute Cats
Our researchers discovered the fyncenter[.]com rogue webpage while investigating suspect sites. The goal of this page is to promote browser notification spam and redirect users to other (likely dubious/dangerous) websites. The majority of visitors to fyncenter[.]com and similar pages enter them t
SeroXen is a fileless Remote Access Trojan (RAT) that excels in evading detection through both static and dynamic analysis methods. The malware incorporates various open-source projects, including Quasar RAT, r77-rootkit, and the command line tool NirCmd, to enhance its functionalities and capabil
Entmatchw[.]com is the address of a rogue page that is designed to trick visitors into receiving spam browser notifications. Additionally, this webpage can redirect users to other (likely unreliable/hazardous) websites. Most visitors to entmatchw[.]com and pages akin to it – access them via redir
While inspecting suspect websites, our research team found the findallincomesurvey[.]top rogue page. It is designed to endorse dubious content and browser notification spam. Furthermore, this webpage can redirect users to other (likely unreliable/dangerous) sites. Webpages like findallincomesurve
SpinOk is an Android software module that operates as spyware, gathering data on files stored on devices and potentially transmitting them to malicious individuals. Additionally, it has the ability to replace and upload clipboard contents to a remote server. This module is disseminated as a market
During the examination of malware samples submitted to VirusTotal, our team of experts in malware detection identified Weqp, a ransomware variant associated with the Djvu family. Weqp operates by encrypting data and appending the ".weqp" extension to the affected files. Additionally, it generates