Linda is ransomware that encrypts files and modifies filenames. Also, it creates the "!INFO.HTA" file containing a ransom note. Our team has discovered Linda ransomware while checking the VirusTotal page for recently submitted malware samples. It was found that Linda is part of the VoidCrypt ranso
Exobot (also known as Exo Android Bot) is a piece of malicious software targeting Android OSes (Operating Systems). This malware can extract a wide variety of information, and it can also create a botnet (i.e., control a group of infected devices to carry out malicious actions). It must be mentio
We have discovered this application while inspecting various deceptive pages (e.g., websites claiming that installed software is outdated). After downloading and installing DevSoftware, we noticed that it shows unwanted (intrusive) advertisements. Software that displays ads is called adware.
Winalert[.]net is an untrustworthy page that displays deceptive content to trick visitors into allowing it to show notifications. Our team has discovered winalert[.]net while inspecting pages that use rogue advertising networks - we ended up on this site while examining torrent sites, illegal movi
ClickManager is a piece of rogue software that we discovered while inspecting new submissions to VirusTotal. After analyzing this app, we determined that it operates as adware and belongs to the AdLoad malware family. Adware may require certain conditions (e.g., compatible browser/system
Files Download Fast is a browser extension that we found while inspecting untrustworthy websites. This extension is promoted as a file download management tool. However, our analysis revealed that Files Download Fast operates as advertising-supported software (adware). Adware is designed t
Easy Tuning Videos is a rogue browser extension that our researchers discovered while inspecting questionable download pages. Easy Tuning Videos' promotional material claims that it is capable of adjusting video display for viewers' benefit. After analyzing this piece of software, we determined th
While inspecting deceptive download webpages, our researchers discovered the "more styles" browser extension. It promises to allow users to customize website appearance, e.g., changing the page's hue, color opacity, etc. After analyzing this piece of software, we learned that it operates as adware
Pay2Decrypt is the name of a malicious program categorized as ransomware. Malware of this type is designed to encrypt data and demand ransoms for the decryption. We executed a sample of Pay2Decrypt on our test machine, and this ransomware encrypted files and changed their filenames. The original
SafeSoft PC Cleaner is advertised as a program that makes a computer fast and secure (that cleans and optimizes a computer). We have found that a few security vendors on the VirusTotal page flagged its installer (and the program itself) as malicious. We recommend not to use programs of this kind.