Threats
What Does InstantFresh Adware Do?
Our research team recently discovered the InstantFresh app while investigating newly submitted files on online threat databases. Upon inspection, we found that it is adware belonging to the AdLoad malware family....
Rhadamanthys Stealer Abuses Google Ads to Deliver Payload
Rhadamanthys, malicious software designed to steal data such as passwords and email addresses, is now being advertised on Google Ads. It is also targeting cryptocurrency wallet credentials and is being marketed as...
Website Screen Protection Rogue Extension
Website Screen Protection is a rogue browser extension, which is advertised as a parental control tool for manually blocking websites. However, a more detailed look into it shows that this extension actually functions...
Pouu Ransomware is a New Djvu Clone
Pouu is a type of ransomware that belongs to the Djvu family. It encrypts data, adds the ".pouu" extension to filenames, and creates a "_readme.txt" file with instructions for victims. Our malware...
Word Counter Widget Rogue Extension
Our team has conducted an investigation into the Word Counter Widget browser extension and found it to be displaying intrusive ads. As a result, we have classified it as adware. This type of software is often...
"Data Backup" Email Scam
"Data Backup" is the name given to an email scam. It is a phishing attack that attempts to get the login credentials of email accounts. The fake message states that the mail service will be terminated in 24 hours...
GOGO Ransomware is a New VoidCrypt Offshoot That Encrypts Data
GOGO is a ransomware-type program that belongs to the VoidCrypt ransomware family. It encrypts files and appends a unique ID, the cyber criminals' email address, and a ".GOGO" extension to their names. A file originally...
'TROJAN_2022 And Other Viruses Detected' Scam
We uncovered a scam known as "TROJAN_2022 And Other Viruses Detected" while inspecting sites that promote rogue advertising networks. This fake content claims that the visitor's device is infected with multiple...
Aavpolse.xyz Uses Fake Virus Warnings to Push Ads
Our researchers recently uncovered a rogue page known as Aavpolse.xyz. This webpage is designed to promote scams, push browser notifications, and redirect users to other potentially malicious websites. It is believed...
What is the Tzw Ransomware?
Tzw is a ransomware-type program that was discovered by researchers while inspecting new submissions to online virus databases. When executed, it encrypts files and changes their titles, adding the ".tzw" extension. A...
Securitypczone.site Pushes Fake Warnings to Scare Visitors
Securitypczone.site is a deceptive website that attempts to frighten and intimidate visitors with false warnings. This type of page is known as a "fake virus warning" misleading site. These pages often display...
What is the Seiv Ransomware Threat?
Seiv is a type of ransomware that encrypts data and demands ransoms for decryption. After encryption, the filenames are appended with the ".seiv" extension. Additionally, a text file titled "read_me_seiv.txt" and a...
STEEL Ransomware is a New Phobos Variant
We recently discovered a new ransomware variant belonging to the Phobos family called STEEL. This malicious software encrypts files and adds a unique ID, an email address (codeofhonor@tuta.io), and the ".STEEL"...
VectorStealer Malware Can Exfiltrate Sensitive Data
VectorStealer is a type of malicious software that is used to steal sensitive data without the user's knowledge. It is classified as an information stealer and can be used to extract login details, credit card...
What is the Poqw Ransomware?
Poqw is a type of ransomware that encrypts files and adds the extension ".poqw" to the filenames. It was discovered while analyzing malware samples submitted to online threat databases. Poqw may be bundled together...
Nyx Ransomware Lists No Ransom Sum
Nyx ransomware is malicious software that encrypts files and appends the victim's ID, an email address, and the ".NYX" extension to filenames. It also drops a "READ_ME.txt" file with instructions on how to restore...
NeedleDropper Clipper Malware
NeedleDropper is malicious software that is sold on hacking forums and used to inject other malware. It is a self-extracting archive containing files for executing the payloads. Cybercriminals have been observed...
Septwolves Ransomware Asks for Bitcoin Ransom
Septwolves ransomware has been identified as a malicious program that encrypts files and appends the ".septwolves" extension to filenames. Victims of this ransomware are unable to access their documents, photos,...