Threats
Burntcigar Malware Works in Tandem With Ransomware
Burntcigar is a malware tool that is frequently utilized by cybercriminals in ransomware attacks, particularly in conjunction with the Cuba ransomware variant. Burntcigar actively seeks out process names that seem to...
Oohu Ransomware Scrambles Your Files
While examining malware samples, we came across a ransomware variant called Oohu. Oohu is designed to encrypt files and change their file names by appending the ".oohu" extension. Additionally, Oohu generates a ransom...
ElasticPortable Mac Adware
Our research team came across the ElasticPortable application during a routine examination of new file submissions. Upon conducting a thorough analysis of the app, we determined that it falls under the category of...
BegoniaSemperflorens Browser Hijacker
While investigating a malicious installer, we came across BegoniaSemperflorens and its worrisome behavior as a browser extension. These actions involved implementing the "Managed by your organization" feature within...
Zodiac Search Pushes Fake Search Engine
While investigating suspicious websites, our researchers came across a deceptive page that promotes an installer featuring the Zodiac Search browser extension, marketed as a convenient tool for accessing horoscopes....
SempervivumTectorum Rogue Browser Extension
While investigating an installer package, we uncovered concerning activities conducted by the SempervivumTectorum browser extension. These actions included enabling the "Managed by your organization" feature within...
AIRAVAT RAT Sneaks Onto Android Devices
AIRAVAT is a Remote Access Trojan (RAT) designed to target Android devices. This type of malware operates by allowing remote access and control over the compromised devices. AIRAVAT encompasses a wide range of harmful...
Oopl Ransomware Encrypts Victim Files
While analyzing malware samples, we encountered a type of ransomware called Oopl. This particular ransomware is designed to encrypt files and modify their file names by adding the ".oopl" extension to them....
StratusNebulosus Browser Hijacker
Our team came across the StratusNebulosus browser extension while examining a malicious installer obtained from an untrustworthy website. We observed that StratusNebulosus possesses a range of functions once it's...
Knaws.top Displays Fake Warning Messages
Our researchers came across the rogue website knaws.top during an investigation into questionable websites. This website actively promotes online scams and burdens users with browser notification spam. Furthermore, it...
Lifepcessentials.com Displays Fake Virus Warnings
Our research team came across the lifepcessentials.com rogue website while investigating untrustworthy online platforms. This website is engaged in online scams and actively sends out spam browser notifications....
"Your Google Account Has Been Locked!" Scam
During our investigation of deceptive websites, our research team came across a scam known as the "Your Google Account Has Been Locked!" scam, which specifically operates as a technical support scam. This fraudulent...
3AM Ransomware Locks Victim Files
3AM is a ransomware program coded in the Rust programming language. Its primary objective is to encrypt files. Once the encryption process is completed, it attempts to erase Volume Shadow (VSS) copies. Additionally,...
Ooza Ransomware Will Hold Your System Hostage
While examining malicious software samples, we came across the Ooza ransomware, which is part of the Djvu family. Once this ransomware infiltrates a computer, it encrypts data and appends the ".ooza" extension to file...
NeriumOleander Rogue Extension
While inspecting a malicious installer, we came across NeriumOleander and its concerning activities carried out through this browser extension. These actions included introducing the "Managed by your organization"...
Alltimebestdefender.com Pushes Fake Virus Scares
Alltimebestdefender.com is an illicit website we came across during our investigation of suspicious sites. Its purpose is to facilitate fraudulent activities and disseminate bothersome browser notification spam. It...
Weather Search Rogue Extension
The Weather Search extension, which claims to offer weather forecasts and related information based on the user's location, local time, and browser wallpapers, came to our attention during our investigation of...
Whatodo Browser Hijacker
Our team conducted an evaluation of the Whatodo browser extension and determined that it operates as a browser hijacker. Its primary objective is to promote gsrcunow.com, a fraudulent search engine, by modifying the...