Scanprotectiontoday[.]com is a rogue webpage that runs scams, promotes browser notification spam, and redirects visitors to different (likely untrustworthy/harmful) sites. Most users access pages of this kind via redirects caused by websites using rogue advertising networks. Our researchers disco
Our research team discovered the Encfiles ransomware while investigating new submissions to VirusTotal. This program is part of the Amnesia ransomware family. Once a sample of Encfiles ransomware was executed on our test machine, it began encrypting files and changing their filenames. For example
While inspecting new malware submissions to VirusTotal, our researchers found yet another ransomware from the Djvu family - titled Oopu. We executed a sample of Oopu on our test machine, and it encrypted files and appended their filenames with the ".oopu" extension. For example, a file named "1.j
After inspecting the "Norton - Your Computer Could Be At Risk" email, we determined that it is spam. This letter urges recipients to protect their devices with Norton anti-virus. It must be emphasized that this spam mail is in no way associated with either Norton AntiVirus or its developers Norton
Our inspection of the "Porn Websites I Attacked With My Virus Xploit" email revealed that it is yet another sextortion scam. Like most spam letters of this kind, it makes false claims about the sender having infected the recipient's device and made sexually explicit videos featuring them. The emai
While inspecting pages that use rogue advertising networks, our researchers chanced upon a "DHL Express" scam. This deceptive content is presented as a delivery-related notification from DHL Express - a courier, package delivery, and express mail service company. It must be emphasized that the act
While investigating new malware submissions to VirusTotal, our research team discovered a variant of Eternity ransomware called DASHA. After we launched a sample of DASHA ransomware on our test machine, it encrypted files and appended their filenames with a ".ecrp" extension. To elaborate, a file
VanillaRAT is a piece of malicious software written in the C# programming language. It is categorized as a RAT (Remote Access Trojan). Malware within this category enables remote access and control over infected devices. These trojans tend to be particularly multifunctional, with features ranging
While inspecting the contents of a fake Adobe Flash Player installer, our researchers discovered the TotalResults rogue application. After analyzing this app, we determined that it is adware belonging to the AdLoad malware family. Adware operates by enabling the placement of advertisemen
PremiumContinental is an adware-type application that our research team discovered while inspecting new submissions to VirusTotal. It runs intrusive advertisement campaigns (displays ads) and likely collects private data. Additionally, PremiumContinental is part of the AdLoad malware family.