Defenderlab[.]xyz is a deceptive page running the "Your PC is infected with 5 viruses!" scam. Also, it asks for permission to show untrustworthy notifications. Our team has discovered defenderlab[.]xyz while inspecting pages that use rogue advertising networks. Pages like defenderlab[.]xyz are not
MaliBot is a banking trojan targeting Android Operating Systems (OSes). As its name implies, this malware primarily seeks to extract information relating to victims' banking and finances. However, MaliBot is a multifunctional piece of malicious software capable of performing various actions on in
We have discovered the Light Tab application after inspecting a deceptive website instructing visitors to download and install a recommended application. After examining this app, we found that it hijacks a web browser by changing some of its settings to search.lighttab.me. Light Tab is a browser
Proxy2Service is the name of a malicious program our team has discovered after inspecting a deceptive installer downloaded from a cracked software distribution page. We found that Proxy2Service forces web browser to open various (potentially malicious) websites. We also learned that Proxy2Service
"Pirated Windows Software detected in this Computer" is a tech support scam that our researchers discovered while inspecting untrustworthy websites. Technical support scams aim to trick users into calling fake helplines and allowing cyber criminals remote access to their devices - by claiming tha
It is a technical support scam claiming that a computer is infected. Like most scam sites displaying fake pop-ups, this one uses a scare tactic to trick unsuspecting visitors into performing certain actions. We have discovered this tech support scam while inspecting other pages that use rogue adve
While inspecting malware samples submitted to the VirusTotal page, we discovered LIZARD - ransomware belonging to the Phobos family. It encrypts files and appends the victim's ID, r3wuq@tuta.io email address, and ".LIZARD" extension to filenames. LIZARD also creates "info.hta" (a file that opens a
ProcesserGrid is a rogue app that our researchers discovered while checking out new submissions to VirusTotal. After inspecting this piece of software, we learned that it operates as adware and belongs to the AdLoad malware family. Advertising-supported software may require specific cond
During a routine inspection of new submissions to VirusTotal, our research team discovered the CommonCreative rogue application. Our analysis of CommonCreative revealed that it is adware belonging to the AdLoad malware family. Advertising-supported software (adware) operates by displayin
After analyzing this "Pride Mobility" email, we determined that it is malspam. This letter is presented as a message regarding a purchase. It must be emphasized that this email is not associated with the legitimate Pride Mobility Products company or any other real entities. The "Pride Mobility" s