Threats
Hhoo Ransomware Joins Host of Djvu Clones Targeting Files for Encryption
Our team discovered a new variant of ransomware belonging to the Djvu family called Hhoo while analyzing malware samples submitted to online threat analysis databases. Hhoo encrypts files and modifies the filenames by...
Beware of the Top10answers.com Browser Hijacker
If you've seen Top10answers.com or another URL hijacking your web browser, such as Chrome, Firefox, or Edge, then it is likely that a potentially unwanted program has made its way onto your system. Potentially unwanted...
What Does Indignationmapprohibited.com Browser Hijacker Do?
If your browser is constantly being taken to Indignationmapprohibited.com, you may have some unwanted programs on your device. This website attempts to redirect your browser towards ads for Chrome extensions, surveys,...
What is the Proxima Ransomware Threat?
Proxima is a ransomware program that encrypts data and appends the filenames with a ".proxima" extension. After Proxima is deployed on a victim system, it drops a ransom-demanding message – "Proxima_Readme.txt" – onto...
What is the Bitcoin Blackmail Scam?
A new type of email scam is making its rounds on the internet. It involves a threatening message from an unknown sender, claiming to have hacked into the victim's computer and accessed their passwords and contacts....
Enigma Stealer Malware Distributed Using Malspam
Trend Micro researchers recently uncovered an active campaign that is targeting Eastern Europeans in the cryptocurrency industry. The attackers are using a fake job pretext to install a modified version of the...
What is the DarkBit Ransomware?
While investigating new malware strains, our team came across DarkBit - a ransomware that operates by encrypting data and demanding ransoms for decryption. Upon launching a sample of DarkBit, it immediately begins...
How to Avoid Odestech.com Ads
Odestech.com is a website that misleads people into allowing it to send notifications. People usually arrive at these pages accidentally. Our team came across this site when researching pages that use suspicious or...
M2RAT Malware Hides in Doctored Images with Malicious Payload
The RedEyes Hacking Group, also known as APT37, is a threat group that has been engaging in cyber espionage activities. Recently, they have adopted a new tactic to collect intelligence from targeted individuals by...
Hhee Ransomware is a Djvu Clone Targeting Files to Encrypt
Our team discovered a new ransomware variant, Hhee, which is part of the Djvu family. Hhee encrypts data and adds the ".hhee" extension to the affected files. After encryption, it leaves a "_readme.txt" ransom note...
How to Avoid Magazinesfluentlymercury.com Ads
If you find that your browser is constantly being redirected to the Magazinesfluentlymercury.com website, it's very possible that you have an unwanted program or extension installed on your device. This site displays...
ScareCrow Ransomware - What Is it and How Does it Work?
Our research team recently discovered ScareCrow, a ransomware-type program, while investigating new submissions to VirusTotal. After executing a sample on our test system, we noticed that the ransomware encrypted...
Watch Out for Searchresultsquickly.com Browser Hijacker Fraud
Searchresultsquickly.com is a fraudulent search engine that operates by displaying misleading content. Such search engines are known for collecting user information, and although searchresultsquickly.com provides...
How to Stop CaptchaCoolNow Bad Redirects
CaptchaCoolNow.Top is a malicious website that tries to trick people into subscribing to its push notifications so it can send spam directly to their devices. It does this by showing fake error messages and alerts,...
Mikel Ransomware is a Proxima Clone That Targets Various File Types
Mikel is a type of ransomware that encrypts data and demands payment in exchange for its release. The new variant belongs to the Proxima family. The Mikel ransomware appends files with the ".mikel" extension. A ransom...
Beware of Dybdended.com Fake Warning Messages
Dybdended.com is a malicious website that our research team uncovered during their investigation of suspicious sites. The web page promotes scams and pushes browser notifications, and can redirect visitors to other...
How to Prevent Topreqdusa.com Ads and Pop-Ups
Topreqdusa.com is a website that has been identified as untrustworthy and potentially dangerous. Its purpose is to promote browser notification spam, using fake CAPTCHA verification to deceive visitors into enabling...
Hhmm Ransomware Joins Djvu Clone Family
A new variant of the Djvu ransomware, called Hhmm, has been discovered. It will encrypt files on a system and rename them with its own name as an extension. This includes executables, archives, documents and...