Threats
What Does The Bestbonusprize.life Browser Hijacker Do?
If your browser is constantly redirecting you to the Bestbonusprize.life website, it could be caused by an unwanted browser extension or malicious program installed on your device. Bestbonusprize.life is an... Read more
Games Day Browser Extension
Upon investigation, we have found that Games Day is a browser extension that uses browser hijacking to push games-day.com, a fake search engine that offers no unique search results. Users are often unaware that they... Read more
Iowd Ransomware Joins Djvu Family
A recent analysis of malware samples revealed a new variant of the Djvu ransomware family, which researchers have named Iowd. The primary objective of Iowd is to encrypt files on an infected system and append the... Read more
Beep Malware Proves Very Tricky to Detect and Spreads via Many Methods
The software known as Beep is a type of malicious program designed to steal sensitive information and cause a chain of infections. Although still in development, Beep is highly evasive and uses various methods to... Read more
Baal Ransomware is a New Chaos Clone Designed To Encrypt Files For Ransom
During the examination of new threats submitted to online threat analysis databases, our team came across the Baal malware, which is based on the Chaos ransomware. We conducted a sample execution of the Baal... Read more
Be Cautious of the Bottle Browser Extension
Bottle is a rogue browser extension that disrupts your web browsing experience by injecting advertisements into websites you visit and redirecting your browser search queries. When Bottle infects your computer, it can... Read more
How to Avoid Itspeedg.com Ads
Our researchers have identified Itspeedg.com as a rogue webpage during routine investigations of untrustworthy websites. This page is designed to promote malicious software and browser notification spam, as well as... Read more
'Kuwait Airways' Malicious Emails
Upon investigation, we have determined that the email allegedly from "Kuwait Airways" is a spam message that includes a malicious attachment intended to infect systems with Agent Tesla malware. It should be noted that... Read more
Ioqa Ransomware is One More Djvu Variant
Researchers recently analyzed malware samples, which led to the discovery of a new variant of ransomware called Ioqa. This ransomware belongs to the Djvu family and is designed to encrypt files on an infected system.... Read more
VenusStealer Malware Could Lead to Identity Theft
VenusStealer is a type of malware that steals sensitive information from computers. It specifically targets browser data, Facebook data, and other personal information. Written in Python, it is capable of exfiltrating... Read more
What Does The Doownl0ad3s.com Browser Hijacker Do?
If you find that your browser is frequently redirecting you to the Doownl0ad3s.com website, there is a high likelihood that your device has been infected with a malicious program or an unwanted browser extension. The... Read more
Sync.1rx.io - A Potentially Unwanted Program that Causes Redirects
It is possible that your device has a rogue browser extension or a potentially unwanted program installed if your browser is repeatedly redirected to the Sync.1rx.io site. Sync.1rx.io is a website that displays ads... Read more
AdzEater Adware
Researchers have discovered the AdzEater browser extension that is presented as an adblocker for YouTube, but instead of blocking ads, it displays them. This makes it a form of advertising-supported software, also... Read more
Lax-search.com Browser Hijacker
During an investigation of browser hijackers, our researchers discovered a fake search engine called lax-search.com. These hijackers usually endorse fake search engines, such as lax-search.com, by redirecting users to... Read more
WhiskerSpy Backdoor Linked to APT
Researchers have identified a new backdoor that has been linked to the advanced persistent threat group Earth Kitsune, a group they have previously studied. Earth Kitsune has been distributing self-developed backdoors... Read more
What is the APT14CHIR Ransomware?
APT14CHIR is a type of ransomware that our team discovered during the analysis of samples submitted to the online threat databases. The ransomware's primary goal is to encrypt files and rename them by replacing their... Read more
How to Avoid Getshowads.com Ads
Our investigation of getshowads.com has revealed that the website is one of the sites that employ deceptive tactics to trick users into allowing browser notifications. The notifications are not only... Read more
MortalKombat Ransomware Has Ties to Xorist to Steal Cryptocurrency
Since December 2022, researchers with Cisco Talos have been monitoring an unknown entity that has been using two pieces of recently discovered malicious software - MortalKombat ransomware and a Go variant of... Read more