Threat research notebook
Fresh malware notes, phishing samples, scam redirects, ransomware observations, and field reports from Gridinsoft research. No gallery, no filler: date, case, finding, next read.
291 lab recordsCybersecurity researchers have found MassJacker, a new, previously undocumented malware. It targets a predominantly freebie-seeking audience, i.e. users of pirated content. MassJacker Malware Targets Piracy Users MassJacker is a recently discovered malware that targets...
The release of DeepSeek AI chatbot gave a push for an enormous number of DeepSeek scams...
Windows Defender Security Center scam pop-ups imitate Microsoft alerts and push fake support calls. Learn how...
Jupiter Airdrop scam is an alleged crypto-airdrop campaign that promises free crypto tokens, yet in return...
Sync.clearnview.com alerts usually point to a browser redirect, notification, extension, or adware issue. Learn the safe cleanup order.
AlrustiqApp.exe, also shown as Alrustiq Service, can indicate a miner-like unwanted app. Learn what to check in Task Manager, Services, Startup Apps, and how...
Nnice ransomware is a malware strain that aims at encrypting user files and demanding ransom payment for their decryption. Detected on January 14, 2025,...
Unsecapp.exe is a legitimate Windows process tied to WMI (Windows Management Instrumentation). It often appears in Task Manager only when another app uses WMI,...
Contacto virus is a newly identified ransomware strain that encrypts victims’ files and demands a ransom for their decryption. We identified this sample on...
Defender found Trojan:JS/FakeUpdate.HNAP!MTB? Learn when it is a browser or OBS cache alert, when it is real FakeUpdates malware, and how to clean it...
RDPLocker is a virus that encrypts the files and demands for a ransom payment for their decryption. It was first detected on malware analysis...
Softonic is legit, but not every download is safe. Learn APK, fake button, bundled installer, PUA, and file-verification risks before installing.
Audiodg.exe is the Windows Audio Device Graph Isolation process. It is a legitimate Microsoft component that lets Windows run audio effects, enhancements, spatial sound,...
AI deepnude sites can expose photos, accounts, payments, and consent-sensitive images. Learn the privacy, scam, malware, and reporting risks before uploading anything.
MicrosoftHost.exe is a malicious process that the malware creates to disguise itself as a benign process. Users may witness high CPU load coming from...
AlienWare is a type of ransomware designed to lock your files and hold them hostage until you pay up. It’s sneaky and frustrating, leaving...
Defender flagged Trojan:Win32/Pomal!rfn? Learn how to check the file path, source, signature, false-positive signs, MSERT scan, and safe removal steps.
Novalock is a sophisticated form of malware designed to encrypt your files and then demand payment for their release. It belongs to the Globeimposter...
Locklocklock is a ransomware virus designed to lock your files and demand payment to restore access. Victims can identify encrypted files by the addition...
Trojan:Win32/Patched refers to a detection for modified versions of legitimate programs. Often such modifications are made to add malicious functionality to a program. Trojan:Win32/Patched...
