FBI is the name of a ransomware-type program. Malware within this classification is designed to encrypt data and demand payment for the decryption. After we executed a sample of this ransomware on our test machine, it encrypted files and appended their filenames with a ".fbi" extension. For examp
Pohj is ransomware that belongs to the Djvu family (one of the most widespread ransomware families). We discovered this ransomware while examining malware samples submitted to VirusTotal. Pohj encrypts data, appends the ".pohj" extension to filenames, and drops the "_readme.txt" file containing a
Powz is ransomware designed to prevent victims from opening their files by encrypting them. Our team discovered it while checking the VirusTotal page for recently submitted malware samples. We also found that Powz is part of the Djvu ransomware family, appends the ".powz" extension to filenames, a
Our research discovered the headcaptcha[.]live page while checking out suspicious websites. This rogue webpage pushes browser notification spam and redirects visitors to different (likely deceptive/malicious) sites. Users typically enter headcaptcha[.]live and pages akin it - through redirects cau
Our researchers discovered the Space Tab browser extension while inspecting deceptive websites. After analyzing this extension, we learned that it operates as a browser hijacker. Space Tab makes changes to browser settings in order to cause redirects to the find.gsearchwithus.com fake search engin
After analyzing this email, we concluded that the scammers behind it seek to trick recipients into calling the provided number. Their email is disguised as a letter (a short notice) from the United Nations Office for the Coordination of Humanitarian Affairs (OCHA) regarding financial assistance. T
After inspecting the "Deposited Into Your Bitcoin Portfolio" spam email, we determined that it operates as a phishing scam that can evolve into additional ones. This letter makes false claims about an incoming Bitcoin cryptocurrency deposit that the recipient can accept by following the provided l
Locked_fille is a malicious program that imitates ransomware. Malware within the ransomware classification is designed to encrypt data and make ransom demands for the decryption. However, Locked_fille has no cryptographic abilities. Although the multi-lingual ransom note ("Readme.txt") this malwar
FlyTrap is a piece of malicious software classified as a trojan. This malware targets Android Operating Systems (OSes). The primary goal of FlyTrap is to steal and abuse Facebook accounts and related data. According to the research done by Zimperium, this malware has been active in over one hundr
PJobRAT is the name of Android malware (spyware and Remote Access Trojan) targeting Indian users. Cybercriminals distribute PJobRAT by disguising it as instant messaging and dating apps (e.g., HangOn, SignalLite, Trendbanter, Rita, and Ponam). Their goal is to spy on victims (to gather personal in