While inspecting new submissions to VirusTotal, we found the ExpressionCargo rogue application. Our analysis revealed that this app operates as advertising-supported software (adware) and belongs to the AdLoad malware family. Adware is designed to display advertisements (e.g., pop-ups, b
Our research team discovered the trusted-captcha[.]top rogue page while inspecting dubious websites. It is designed to push browser notification spam and redirect visitors to other (likely untrustworthy/malicious) sites. Most users access such webpages through redirects caused by sites using rogue
While inspecting deceptive websites, our research team found the "LUNA Giveaway" scam. It promises users twice-fold the return on the cryptocurrency that users transfer to it. However, this giveaway is a scam, and all the funds given to it will be lost. To create the impression of legitimacy, the
Captchatest[.]top is a rogue webpage that we found while inspecting untrustworthy sites. This page is designed to push browser notification spam and redirect visitors to other (likely unreliable/malicious) websites. Users typically enter such webpages through redirects caused by sites using rogue
After inspecting the "Twitter Crypto Giveaway" we determined that it is a scam. Similar to countless fake cryptocurrency giveaways, this scam promises to double the amount of Bitcoin (BTC) or Ethereum (ETH) that users transfer to it. The scheme is presented as a giveaway created by Elon Musk - a
Our research team discovered the Eegf ransomware while inspecting new submissions to VirusTotal. We determined that this program belongs to the Djvu ransomware family. After we launched this ransomware on our test machine, it encrypted files and appended their filename with the ".eegf" extension.
Bnrs is a ransomware-type program that our researchers discovered while inspecting new submissions to VirusTotal. We determined that Bnrs is part of the Djvu ransomware family. When we executed a sample of this ransomware on our test machine, it encrypted files and appended their filenames with a
Fit Video Display is a rogue browser extension that our researchers discovered while inspecting deceptive download webpages. This piece of software promises various video display related features. However, our analysis revealed that Fit Video Display operates as adware. Advertising-support
Rrcc is the name of ransomware that our team has discovered while checking the VirusTotal page for recently submitted malware samples. We found that Rrcc encrypts files and appends the ".rrcc" extension to filenames. It also creates a ransom note (the "_readme.txt" file containing payment and cont
While inspecting deceptive promotional sites, our researchers found the SwiftSearch browser extension. After analyzing SwiftSearch, we determined that it operates as a browser hijacker. The extension changes browser settings to promote the swiftsearch.com fake search engine. Additionally, SwiftSea