During a routine inspection of new malware submissions to VirusTotal, our research team discovered the Selena ransomware-type program. We obtained a sample for testing from VirusTotal. On our test machine, this malicious program encrypted files and altered their filenames. The names of affected f
We have discovered a new Djvu ransomware variant called Egfg. It was found while checking the VirusTotal page for recently submitted malware samples. Egfg encrypts files and appends its extension (".egfg") to filenames. Also, it creates a ransom note (the "_readme.txt" file). An example of how fi
NetDivision is an application that our researchers discovered while inspecting new submissions to VirusTotal. After analyzing this piece of software, we determined that it operates as adware and belongs to the AdLoad malware family. Advertising-supported software (adware) is designed to
Defendprivacyservice[.]com displays deceptive content to trick visitors into believing that their computers are infected. The purpose of this site is to promote antivirus software. It is operated by affiliates who aim to collect illegitimate commissions. We have discovered defendprivacyservice[.]c
We have discovered the DomainNameProduct application on a shady web page. After analyzing DomainNameProduct, we found that it is a typical advertising-supported application - the purpose of this app is to generate annoying advertisements. Advertising-supported applications like DomainNam
Notification-news[.]com is a rogue website that our research team found while inspecting various questionable pages. This site is designed to push browser notification spam and redirect visitors to other (likely untrustworthy/malicious) webpages. Most visitors to websites like notification-news[.
While inspecting dubious websites, we discovered the maloprotect[.]xyz rogue webpage. It is designed to load deceptive material (scams), push spam browser notifications, and redirect visitors to different (likely unreliable/malicious) sites. Users typically access pages like maloprotect[.]xyz thro
AuraLookup is a rogue application that we discovered while inspecting new submissions to VirusTotal. After analyzing this app, we learned that it operates as advertising-supported software (adware) and is part of the AdLoad malware family. Adware might require certain conditions to run i
LatestFeed is a rogue applications that our researchers found while looking through new submissions o VirusTotal. After analyzing this piece of software, we determined that it operates as adware and belongs to the AdLoad malware family. Adware enables the placement of third-party graphic
Ourcommonnews[.]com is a rogue webpage that our research team found during a routine inspection of untrustworthy sites. It operates by pushing browser notification spam and redirecting visitors to other (likely unreliable/malicious) websites. Most users enter such sites via redirects caused by pag