Threats
What does the Cup Rogue Extension do to your Web Browser?
Cup is the name of a browser extension that acts like adware. Similar browser extensions that exhibit potentially unwanted software behavior are commonly called rogue extensions. Adware is software that will display... Read more
The 'Password Is Scheduled To Expire' Scam is a Dangerous Phishing Scheme
Yet another online scam is targeting victim inboxes. The new scam is being distributed through malicious spam emails and is in essence an attempt to phish out credentials from victims. The entire scam is built on a... Read more
Demon Ransomware Uses Terse Ransom Note
Demon ransomware is the name of a newly discovered ransomware variant. While there is no hard evidence that it belongs to any bigger ransomware family, some antivirus products are detecting it as a variant of the... Read more
What is the ClickDark Rogue Extension?
ClickDark is the name of a rogue extension that acts as adware. Adware, also known as ad-supported software, is a category of potentially unwanted software. Adware operates by displaying ads on the system it is... Read more
Watch Out For The Browser-in-the-Browser Phishing Attack
A new approach to phishing attacks was detailed and described in a report published by researchers with Group IB. The new attack approach is called "browser-in-the-browser" and bears a slight resemblance to the... Read more
MONTI Ransomware - a New Conti Clone
MONTI ransomware is a new ransomware variant based on Conti ransomware code. The MONTI ransomware is likely built using leaked code from the Conti group after tons of Conti information was leaked in early 2022. The... Read more
AnswerPCAP is a Rogue Optimization App
AnswerPCAP is the name of a potentially unwanted application that falls into the subcategory of rogue optimization tools or apps. Potentially unwanted apps are a category of software that fills the void between... Read more
ModernLoader Used to Deliver More Malware
ModernLoader is the name of a newly discovered malicious tool. The malware acts as a remote access trojan or a RAT. ModernLoader is associated with a multi-payload, multi-stage attack conducted by threat actors over... Read more
What does the DisLight Rogue Extension do?
DisLight is one of the dozens of recently released rogue browser extensions that offer one thing but come bundled with something very different. What all those rogue extensions have in common is the advertised... Read more
How to Avoid Protect-data-2022.xyz Ads
Protect-data-2022 dot xyz is a misleading website that uses fake virus warnings to scare users into accepting push notifications and ads from it. You likely did not find Protect-data-2022 dot xyz through a web search,... Read more
NominatusCrypt Ransomware Preserves Filenames and Extensions
NominatusCrypt is the name of a newly discovered strain of file-encrypting malware. The new variant appears to belong to the family of ransomware clones based on the EvilNominatus ransomware. While NominatusCrypt will... Read more
What is ProgressBoost Adware on MacOS Computers?
ProgressBoost is the nonsensical name of a Mac app that exhibits ad-supported software behavior. Ad-supported software is also referred to simply as adware. The ProgressBoost app will not improve your user experience in any... Read more
How to Avoid Maincaptcha.top Ad Pop-Ups
Maincaptcha dot top is a very vanilla misleading website that exists only to push ads in your browser. Landing on Maincaptcha dot top, you will be greeted with a clipart image of a cute robot, along with text telling... Read more
Gnik Ransomware is a Vicious Clone of Dharma
There is a new Dharma ransomware clone in the wild, as spotted by security researchers. The new variant is called the Gnik ransomware. Gnik does nothing out of the ordinary when it comes to ransomware. It encrypts... Read more
Beware of the 'DHL e-Shipping Invoice Scam'
There is a new email-focused scam being distributed online. The new attempt to scam people is called the "DHL e-shipping invoice scam". Like many similar scams, this one abuses the name of a popular brand, in this... Read more
What does the CoolADSBlockSearch Browser Hijacker do?
CoolADSBlockSearch is a rogue browser extension that exhibits behaviors typical for browser hijackers. Browser hijackers and rogue browser extensions are both subcategories of potentially unwanted applications. In the... Read more
Eewt Ransomware Copies Every Other Djvu Variant
Eewt ransomware is a newly discovered ransomware clone based on Djvu code. There is nothing remarkable or unusual about Eewt - it does everything exactly the same as every other recent Djvu variant. Files get... Read more
TigerRAT - a Lazarus Group Tool
TigerRAT is a new malicious tool that researchers believe is linked to the advanced persistent threat actor known as Lazarus Group. Lazarus Group is a threat actor believed to be comprised of North Korean individuals,... Read more