Erbium is a piece of malicious software classified as a stealer. Malware within this category is designed to extract vulnerable data from infected devices. Our researchers discovered Erbium while inspecting malware-selling hotspots. Erbium begins its operations by gathering device data, su
Moderncaptcha[.]top displays deceptive content/uses a clickbait technique to trick visitors into allowing it to show notifications. Also, it promotes a scam website. Typically, websites like moderncaptcha[.]top are visited unintentionally. We have discovered moderncaptcha[.]top while inspecting pa
Mp3-now[.]com is an untrustworthy site that our research team found while inspecting dubious pages. This website offers to convert YouTube video links to downloadable MP3 (audio) files. Not only does this service break copyright laws, but this site also uses rogue advertising networks that are kn
Super Colors is an advertising-supported application. It generates various intrusive advertisements and can read and change all data on all websites. We discovered this application on a shady website offering to add Super Colors before continuing to the page. Super Colors is described as a
After examining ytmp3[.]sh, we learned that this website offers to download videos from YouTube (which is not entirely legal). Also, it asks for permission to show notifications and uses rogue advertising networks (it has untrustworthy ads on it and can redirect to questionable pages). Cli
TeachPad is a rogue app that our researchers discovered while investigating new submissions to VirusTotal. After analyzing this piece of software, we learned that TeachPad operates as adware and belongs to the AdLoad malware family. Advertising-supported software (adware) is designed to
Ukentaspe[.]xyz is one of the deceptive websites that display fake/deceptive messages to trick visitors into allowing them to show notifications. Also, this site can redirect to other shady websites. We discovered ukentaspe[.]xyz while checking out pages that use rogue advertising networks.
While inspecting new submissions to VirusTotal, our researchers found yet another malicious program belonging to the Phobos ransomware family. We acquired a sample of this ransomware-type program called BITCOINPAYMENT and executed it on our test machine. This ransomware encrypted files and append
Style-buzz-blog[.]com is an untrustworthy page that shows deceptive messages to trick visitors into allowing it to show notifications. Also, style-buzz-blog[.]com redirects visitors to other pages of this kind. We discovered this site while examining pages that use rogue advertising networks (it i
Ccyu is ransomware belonging to the Djvu family. We discovered it while inspecting malware samples submitted to the VirusTotal site. Ccyu encrypts and renames files (by appending the ".ccyu" extension to filenames). It also drops a ransom note, a text file named "_readme.txt". An example of how C