Our researchers found the Zhong ransomware during a routine examination of new VirusTotal submissions. Ransomware is a type of malware that encrypts data for ransom purposes. On our test machine, Zhong encrypted files and appended their filenames with a ".zhong" extension. To elaborate, a file ti
While investigating dubious websites, our research team found the cosmovideo[.]cam rogue webpage. It is designed to promote browser notification spam and redirect visitors to different (likely unreliable/hazardous) sites. Most users access pages like cosmovideo[.]cam via redirects caused by websit
After inspecting the "Payment Proforma Invoice / Contract" email, we determined that it is spam. This letter operates as a phishing scam; it makes false claims regarding a received voice message to trick recipients into attempting to sign in via a fake website. This spam campaign targets email acc
Our researchers discovered the Miserium ransomware during a routine investigation of new submissions to VirusTotal. Malware within this classification operates by encrypting data and demanding payment for its decryption. After we executed a sample of Miserium on our test system, it encrypted file
After testing the SearchProvided application, our team has discovered that it exhibits aggressive and unsolicited advertisements. As a result, we have categorized SearchProvided as adware, which pertains to software specifically created to generate revenue by displaying ads. Typically, users are
BouldSpy is a spyware and data-stealer type malware that targets Android devices. It can record and extract a wide variety of information from infected systems. This malicious program has been around since at least as early as 2020. The research undertaken by Lookout Threat Lab analysts revealed
Buycfr[.]com has been labeled untrustworthy because of its clickbait approach to persuade visitors to subscribe to its notifications. Our team encountered buycfr[.]com during our inquiry into websites that use illegitimate advertising networks. It is worth knowing that most users stumble upon such
Buyadvupfor24[.]com is among the websites that show misleading content to trick visitors into subscribing to notifications. Our investigation of sites employing rogue advertising networks led us to uncover buyadvupfor24[.]com. Visitors do not intentionally access pages such as buyadvupfor24[.]com.
While examining malware samples submitted to VirusTotal, our team discovered crYptA3 - malware that operates as ransomware. The purpose of crYptA3 is to encrypt files. Also, it provides a ransom note ("readme_for_unlock.txt" file) and appends the ".crYptA3" extension to filenames. An example of h
Vypt is ransomware that encrypts files stored on a computer, modifies filenames of all affected files, and creates two ransom notes ("Restore_Your_Files.txt" and "ReadMe.hta"). Our malware researchers discovered Vypt during examination of malware samples submitted to the VirusTotal site. Vypt app