LNK/Agent is a detection name for a Windows system shortcut to a malicious file, program, or folder. Shortcuts (LNK files) detected as LNK/Agent do not contain payload - they launch malicious executables (execute files designed to infect computers with malware). Cybercriminals use LNK files becaus
MSIL/TrojanDownloader.Agent is a detection name for malware that contains a URL (or multiple URLs). It uses that URL to download other malware from the Internet and infect a computer with it. MSIL/TrojanDownloader.Agent targets Windows operating systems. MSIL/TrojanDownloader.Agent malware
Our researchers found the Uigd ransomware while inspecting new submissions to VirusTotal. We also learned that this malicious program belongs to the Djvu ransomware family. After being released onto our test system, this malware began encrypting files and appending their filenames with a ".uigd"
feel dark is a browser extension that promises to enable dark mode for various websites. Our research team discovered this piece of software while inspecting dubious download pages. After analyzing feel dark, we concluded that it operates as adware. Advertising-supported software may requi
We have analyzed the text and links presented in this email and concluded that it is a typical phishing email that scammers use to trick recipients into providing sensitive information. It is disguised as a letter from an email service provided. It contains links to phishing websites asking to ent
Our team has discovered the ColossusAspect application while visiting shady websites that displayed deceptive pop-ups. After analyzing the app, we found that it generates advertisements and can read sensitive information from visited websites. Thus, we concluded that ColossusAspect is adware.
ZipArrow is a piece of rogue software our researchers discovered while looking through new submissions to VirusTotal. After analyzing this app, we determined that it operates as advertising-supported software (adware). Additionally, ZipArrow belongs to the AdLoad malware family. Adware m
We have discovered a ransomware variant called Chernobyl belonging to the Babuk family while examining malware samples submitted to VirusTotal. It was found that this variant encrypts files, appends the ".chernobyl" extension to their filenames, and creates a text file named "Restore Your Files.tx
Our team has discovered a ransomware variant called Eyrv while analyzing the samples submitted to VirusTotal. The purpose of Eyrv ransomware is to encrypt files. It also appends the ".eyrv" extension to filenames (for example, it renames ("1.jpg" to "1.jpg.eyrv", "2.png" to "2.png. eyrv"), and cre
Update-ready[.]com is a rogue webpage designed to promote browser notification spam and redirect visitors to other (likely untrustworthy/malicious) sites. We discovered this page during a routine inspection of shady sites. Users access websites of this type inadvertently. Most enter them via redi