Threats
What is FormsApp Malware?
FormsApp is the name of a malicious program that combines features typical for adware and Trojans. FormsApp can enter your system through various means. These include hitting bad redirects that can refer you directly... Read more
Ccyu Ransomware is Yet Another Djvu Clone Targeting Files to Encrypt
Ccyu ransomware is the name of a newly discovered strain of file-encrypting malware. The new variant is the latest addition to the already huge family of ransomware clones based on the Djvu ransomware. The new... Read more
What is OperationReview Mac Adware?
OperationReview is the name of yet another clone of the AdLoad adware family. AdLoad is the name given to a massive family of adware clones, all having different names but the same functionality - delivering ads in... Read more
Toa Ransomware is a New Chaos Clone
A new ransomware variant based on Chaos ransomware code was recently spotted in the wild. The new strain is called the Toa ransomware. The Toa ransomware exhibits behavior that is largely in line with other Chaos... Read more
YamaBot Malware Employed by Lazarus Group
YamaBot is the name of a piece of malware, employed by the threat actor that goes by the name of Lazarus group. YamaBot is also known by the name Kaos and is written and compiled in the Go programming language - an... Read more
Findresultsnow.co Combines Fake Search Engine and Browser Hijacker
Findresultsnow dot co is a fake search engine that also exhibits some behavioral patterns typical for browser hijackers used to push ads. Like most fake search engines, Findresultsnow dot co will provide some sort of... Read more
RapperBot Malware Borrows from Mirai Botnet
RapperBot is the name of a piece of malware discovered by researchers with FortiGuard Labs. The new bot malware is based on code from the infamous Mirai botnet and has been described as "rapidly evolving". The chief... Read more
Woody RAT Can Exfiltrate Data
Woody RAT is the name of a newly discovered piece of malware that exhibits a wide range of malicious capabilities. As the name suggests, Woody is a remote access Trojan or a RAT. This sort of malicious tool is usually... Read more
Beware of the 'Your Windows Got Corrupted Due To Virus' Scam
There is yet another scam making the rounds, this time distributed through malicious referrals and rogue ads. While most scams rely on malicious spam emails, this one is hosted on websites. The gist of the scam is... Read more
Payt Ransomware Lists No Specific Ransom Demand
Payt ransomware is the name of a new strain of file-encrypting malware. This new variant does not seem to belong to any particular ransomware family. Once deployed on a target system, Payt encrypts files on it,... Read more
Musicinmysoul.biz Pushes Ads Through Fake Anti-Bot Check
Musicinmysoul dot biz is a very pedestrian, unremarkable misleading website. The simple lure it uses to push ads to visitors is a fake anti-bot check. Landing on Musicinmysoul dot biz, you would see a cartoon image of... Read more
Readnet Ransomware Joins MedusaLocker Clones
A newly discovered ransomware variant expands the existing lineup of ransomware clones based on MedusaLocker code. The newest strain is named Readnet ransomware. Readnet works as expected, encrypting files on the... Read more
Ccew Ransomware Asks for Modest Ransom
Ccew ransomware is the name of yet another Djvu ransomware clone that was spotted in the wild. Ccew is the latest in an endless string of ransomware variants based on Djvu code. There are at least a few coming out... Read more
How to Avoid Guroshield.com Ads
Guroshield dot com is a misleading website that uses simple social engineering tricks to push ads in your browser. Landing on Guroshield dot com will usually mean you either hit a bad redirect or clicked a rogue ad on... Read more
Private-mastermind.com Pushes Ads Through Fake Gifts
Private-mastermind dot com is a misleading website that combines elements of ad-pushing browser hijackers and scam pages. Landing on Private-mastermind dot com, you will see rows of icons showing wrapped gift boxes,... Read more
Qstx Ransomware is the Latest Djvu Clone
Qstx ransomware is the name of yet another ransomware clone, based on Djvu ransomware code, that was spotted in the wild by researchers. The Qstx ransomware encrypts files on the targeted system, making them unusable.... Read more
Beware of the Webmail Manager Email Scam
A new malicious email campaign is distributing yet another scam. The latest one is called the "webmail manager" email scam. This scam attempts to scare the victim into thinking their email account will be shut down... Read more
Vvyu Ransomware Joins Ranks of Djvu Clones
A new ransomware variant has been spotted in the wild, this time it is another Djvu clone, named the Vvyu ransomware. Vvyu does absolutely nothing to set itself apart from other Djvu clones. It will encrypt files,... Read more
