While inspecting malware samples submitted to VirusTotal, we discovered Hgjzitlxe, which is ransomware belonging to the Snatch family. We found that Hgjzitlxe encrypts files, appends its extension (".hgjzitlxe") to filenames, and creates a ransom note ("HOW TO RESTORE YOUR HGJZITLXE FILES.TXT").
During our investigation of nighridadered[.]com, we found that the website employs a clickbait technique to entice visitors into subscribing to its notifications. Furthermore, nighridadered[.]com may redirect users to unreliable websites. As a result, it is strongly recommended to avoid accessing
Our research team discovered the news-dudafa[.]com rogue webpage during a routine investigation of untrustworthy sites. This page is designed to push browser notification spam. It can also redirect users elsewhere (likely unreliable/hazardous websites). Most visitors to webpages like news-dudafa[
We discovered the UniversalDisplay rogue application during a routine inspection of new submissions to the VirusTotal website. After investigating this piece of software, we determined that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported softw
While investigating new submissions to the VirusTotal site, our researchers discovered the Protect ransomware-type program. It is part of the MedusaLocker ransomware family. Ransomware is designed to encrypt data and demand ransoms for its decryption. On our test machine, a sample of Protect encr
During our examination of malware samples submitted to the VirusTotal website, we encountered Wayn, a ransomware variant that encrypts files and adds the ".wayn" extension to filenames. Additionally, Wayn leaves a ransom note (a text file named "_readme.txt"). An example of how Wayn modifies file
While analyzing malware samples on VirusTotal, we encountered a ransomware variant called Wazp, which belongs to the Djvu family. This ransomware encrypts files and alters their filenames by appending the ".wazp" extension. Additionally, Wazp leaves behind a ransom note file named "_readme.txt".
While investigating suspicious sites, our research team found a page promoting an installation setup containing the Streaming application. After examining this app, we determined that it is advertising-supported software (adware). The purpose of adware is to generate revenue for its develo
During a routine investigation of new submissions to VirusTotal, our research team discovered the OperativeHandler application. We determined that it is adware, and that this app belongs to the AdLoad malware family. Adware stands for advertising-supported software. It is designed to dis
Our research team discovered NativeTopics while inspecting new submissions to the VirusTotal website. After we investigated NativeTopics, we determined that it is adware belonging to the AdLoad malware family. This application is designed to run intrusive advertisement campaigns, and it may also