Threats
Hgfu Ransomware Will Lock Your Files
While examining malicious software samples, we came across the Hgfu ransomware, which is part of the Djvu malware family. Once it infiltrates a computer, this ransomware encrypts files and appends the ".hgfu"...
Totalsystematicpcanalytic.info Displays Fake Virus Warnings to Scare Visitors
Totalsystematicpcanalytic.info is an illegitimate website created to promote fraudulent activities and send unwanted browser notifications, which can also redirect users to other potentially unreliable or harmful...
"Donation From Coca-Cola" Email Scam
After thoroughly examining the email in question, we have determined that it is part of a fraudulent scheme. It is designed to appear as if it originates from the Coca-Cola company, but it is actually the work of...
Dragon Baby Browser Hijacker
During our routine examination of deceptive websites, our researchers stumbled upon the Dragon Baby browser extension. Upon thorough analysis, we determined that this software functions as a browser hijacker. Dragon...
"Nehmeh Purchase Order" Email Scam
Our analysis of the "Nehmeh Purchase Order" email has revealed that it is associated with a phishing scam. This deceptive email instructs the recipient to review the details of a potential purchase provided in the...
RDP Stealer Goes After Remote Desktop Login Credentials
RDP stealer is malicious software designed to target the login credentials used for Remote Desktop Protocol (RDP). The developers of this program are selling it online, and the method of distributing this malware...
Hgew Ransomware is a Djvu Variant
While examining new malware samples, we encountered a ransomware variant known as Hgew. This specific ransomware is crafted to encrypt files and modify their names by adding the ".hgew" extension. Additionally, Hgew...
DominantNetwork Mac Adware
Our research team came across the DominantNetwork adware-type application during our review of new file submissions on the VirusTotal website. This software is affiliated with the AdLoad malware family and is designed...
Grounding Conductor Ransomware Demands Bitcoin
While examining malware samples uploaded to VirusTotal, our team came across a ransomware variant known as Grounding Conductor. Grounding Conductor's primary objective is to obstruct victims from accessing their files...
"Error Code: W9KA528V" Tech Support Scam
During a routine investigation of untrustworthy websites, our research team came across the "Error Code: W9KA528V" technical support scam. This scam is presented as a warning purportedly from Microsoft Windows,...
NodeZipArray Adware is an AdLoad Variant
During our assessment of the NodeZipArray application, our team observed its frequent display of advertisements, classifying it as adware. It's essential to underscore that such software is often promoted and...
ParaceratheriumBugtiense Browser Hijacker
During our analysis of the ParaceratheriumBugtiense browser extension, we encountered concerning activities, which involved enabling the "Managed by your organization" feature in Chrome settings and gathering user...
6y8dghklp Ransomware Encrypts Files
Our researchers came across the 6y8dghklp ransomware while examining recent submissions. This malicious software belongs to the Phobos ransomware family. On our test system, the 6y8dghklp ransomware encrypted files...
DefaultBoost is an AdLoad Variant
Our research team came across the DefaultBoost rogue application during a routine evaluation of new file sample submissions. Upon investigation, we determined that DefaultBoost is adware affiliated with the AdLoad...
Systemsecurity.click Displays Fake Virus Warnings
While conducting an investigation into suspicious websites, our research team came across the systemsecurity.click webpage. Its primary purpose is to facilitate fraudulent activities and inundate users with unwanted...
AdvancedUpdater Mac Adware
Upon evaluating the AdvancedUpdater application, we've observed its frequent display of intrusive advertisements. This places it in the category of adware, a type of software that users often install without a...
Alvaro Ransomware Lists No Ransom Sum
Alvaro is ransomware designed to encrypt files and then demand a ransom for their decryption. When we ran a sample of Alvaro on our test system, it proceeded to encrypt the...
Rapid Spell Check Extension Acts as Hijacker
After assessing the Rapid Spell Check Extension, it became evident that its primary objective is to operate as a browser hijacker, with the aim of promoting a fraudulent search engine called find.msrc-nav.com. This...