KEEPCALM is ransomware that we have discovered during an analysis of malware samples submitted to the VirusTotal site. The purpose of KEEPCALM is to encrypt files. Also, it creates the "ReadMe.txt" file (a ransom note) and modifies filenames (appends the victim's ID, josealen@tutanota.com email ad
We have determined that this email is fraudulent and has been written by cybercriminals with the intent of tricking the recipients into infecting their computers. This email is disguised as a letter from IPG Legal, claiming that it has a long overdue invoice attached to it. The purpose of the emai
Captchaforcaptcha[.]top is a rogue webpage that we discovered while checking out suspicious websites. At the time of research, this page had two appearance variants – both designed to promote spam browser notifications. Furthermore, captchaforcaptcha[.]top can redirect visitors to other (likely un
During our investigation of various deceptive web pages (e.g., those offering updates for supposedly outdated software), our team discovered a questionable application called ResultProtocol. Upon installation, ResultProtocol began displaying unwanted advertisements, leading us to classify this a
Our researchers found the Alice ransomware while investigating new malware submissions to VirusTotal. Malicious programs within this classification operate by encrypting data and demanding payment for decryption. After we executed a sample of Alice on our test machine, it encrypted files and appe
Files Downloader Expert is an application that our team discovered on a suspicious website, though the app also has an official site. Upon testing the application, we discovered that it is a browser extension that displays intrusive advertisements. Due to this behavior, we have classified Files Do
M2RAT is a backdoor malware that operates as a remote access trojan (RAT), performing functions such as keylogging, data theft, command execution, and taking screenshots. The malware uses shared memory sections for commands and data exfiltration, leaving few traces on the infected device.
goatRat is the name of a remote access trojan (RAT) - a malicious app that allows attackers to take control of an Android device. Malware of this type can provide attackers with access to sensitive information like messages, call logs, and photos, as well as the ability to execute commands, take s
Our researchers discovered the softlifeinfo[.]com rogue webpage during a routine inspection of dubious sites. This page promotes untrustworthy/harmful software and browser notification spam. Additionally, it can redirect visitors to different (likely unreliable/hazardous) websites. Users typicall
Zteqqd is a ransomware-type program that our researchers discovered while inspecting new submissions to VirusTotal. On our testing machine, this ransomware encrypted files and altered their filenames. The titles of affected files were appended with a unique ID assigned to the victim and a ".zteqq