Growtopia (also known as CyberStealer) is an information stealer written in the C# programming language. It can obtain system information, steal information from various applications, and capture screenshots. Its developer claims that it has created this software for educational purposes only. Thi
ApproachWired is a rogue application that our researchers found while inspecting new submissions to VirusTotal. Our analysis of this piece of software revealed that it operates as adware and belongs to the AdLoad malware family. Adware is designed to display advertisements on visited web
CockyGrabber is a piece of malicious software classified as a stealer. This program is designed to steal information from browsers installed onto the infected system. CockyGrabber is capable of extracting data from Google Chrome, Chromium-based, and Gecko-based browsers. This stealer targe
During our routine check on malware samples submitted to the VirusTotal page, we discovered a new ransomware variant (that belongs to the Spora family) called FreedomTeam. We found that it encrypts files, appends the victim's ID, freedomteam@mail.ee email address, and a string of random characters
BTC is the name of a malicious program belonging to the VoidCrypt ransomware family. Our research team discovered this ransomware-type program while inspecting new submissions to VirusTotal. After executing a sample of BTC (VoidCrypt) ransomware on our test system, we learned that it encrypts fil
While inspecting untrustworthy pages, our team discovered an advertising-supported application called DigitalFile. After examination, we concluded that the purpose of DigitalFile is to display annoying (and untrustworthy) advertisements. It is highly advisable not to have this app installed on t
Notfcompreviews[.]com is a website that displays deceptive content (uses a clickbait technique) to trick visitors into agreeing to receive notifications from it. It is uncommon for such pages to be visited intentionally. Our team has discovered notfcompreviews[.]com while examining pages that use
Fdcv is ransomware that encrypts files and appends the ".fdcv" extension to filenames. Also, it creates a text file ("_readme.txt") that contains a ransom note. Our malware researchers have discovered Fdcv while analyzing the samples submitted to the VirusTotal website. They also found that Fdcv b
Our research team found the solidprotectionspc[.]com rogue webpage while inspecting unreliable sites. This page operates by promoting deceptive content, pushing browsing notification spam, and redirecting visitors to other (likely untrustworthy/malicious) websites. Users typically enter these web
While inspecting new malware submissions to VirusTotal, our researchers found a new malicious program called TURKEY, which is based on Chaos ransomware. We acquired a sample from VirusTotal and launched it onto our test system. We learned that the TURKEY ransomware encrypts files and appends thei