NoBit is a piece of malicious software classed as ransomware. It is designed to encrypt data and demand payment for its decryption. On our testing system, NoBit encrypted files and appended their filenames with a ".bit" extension. To elaborate, a file initially named "1.jpg" appeared as "1.jpg.bi
After examining the "Funds Has Been Credited To Your Account" email, we determined that it is spam. The letter states that it contains an attached file concerning a revised payment. However, the attachment is a phishing file that targets email account log-in credentials. The spam email wit
Our researchers found the ConnectionLocator app during a routine investigation of new submissions to the VirusTotal site. This piece of software operates as adware. It is pertinent to mention that ConnectionLocator is part of the AdLoad malware family. Adware stands for advertising-suppo
Our researchers discovered the Coffee Ext browser extension during a routine investigation of dubious websites. It is promoted as a tool that provides easy access to coffee recipes. After examining this extension, we learned that it is browser-hijacking software. Coffee Ext operates by modifying
ApplicationLaser is a rogue app that our researchers discovered while investigating new submissions to VirusTotal. After inspecting this piece of software, we determined that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. It operate
"Confirm Account To Avoid Termination" is a phishing email falsely claiming that authentication is necessary to prevent the deletion of the recipient's account. This spam mail aims to steal email accounts through a fake sign-in page. The spam email with the subject "IMPORTANT NOTICE ON EMA
Our inspection of the "Alert! Mail Client Security Notification" email revealed that it is spam. The letter makes false claims regarding suspicious sign-in attempts to the recipient's email account. This spam mail aims to extract log-in credentials through a phishing website. The email wit
Allahu Akbar is a ransomware-type program that our research team discovered while investigating new malware submissions to the VirusTotal website. This malicious program is designed to encrypt data and demand payment for its decryption. On our testing system, Allahu Akbar ransomware encrypted fil
Duke is the general name for malware toolsets used by the APT29 APT (Advanced Persistent Threat) actor, also known as The Dukes, Cloaked Ursa, CozyBear, Nobelium, and UNC2452. APT29 is a Russian state-sponsored group associated with the Foreign Intelligence Service of the Russian Federation (SVR R
StandartInitiator is an adware-type application that we discovered while investigating new submissions to the VirusTotal website. This piece of advertising-supported software is part of the AdLoad malware family. StandartInitiator is designed to run intrusive advertisement campaigns by feeding u