LocatorUpdate is the name of an application that we have discovered while analyzing shady websites. After testing the app, we learned that its purpose is to display intrusive advertisements. LocatorUpdate is a typical advertising-supported application that provides no real value to its users.
Our team has discovered the visible dark application/browser extension on a deceptive page. That page got opened while visiting other websites that use shady advertising networks. After examining the visible dark application, we found that it displays annoying advertisements. Thus, it was conclude
FeaturePremium is a piece of rogue software that our researchers discovered while inspecting new submissions to VirusTotal. Our analysis uncovered that this app operates as adware and belongs to the AdLoad malware family. Adware may not deliver intrusive advertisement campaigns (display
Our team has discovered the p03try-c4t3g0ry[.]xyz website while examining illegal movie streaming, torrent, and similar sites (pages that use rogue advertising networks). P03try-c4t3g0ry[.]xyz is a page that runs the "You've Visited Illegal Infected Website" scam. Also, this untrustworthy site ask
CH Miner is the name of a cryptocurrency miner with Remote Administration Trojan (RAT) and clipper functionality. It is created by the same cybercriminals who have developed the Echelon Stealer. Our team has discovered the CH Miner on a hacker forum. It costs $20 for three days, $40 for a week, $
During a routine inspection of new submissions to VirusTotal, our research team found the AgentAdmin application. After analyzing this app, we learned that it operates as advertising-supported software (adware), and it also belongs to the AdLoad malware family. Advertising-supported soft
Our malware researchers have discovered a ransomware variant called Kxde while analyzing the samples submitted to VirusTotal. This variant is part of the Djvu ransomware family. It encrypts files and appends the ".kxde" extension to filenames. Kxde also provides a ransom note (creates a text file
1xExujJunyRVG8MWnEgxdHkVwW7xSzntZ is the name of a clipper-type malware. Malicious programs of this kind are also known as "clipboard hijackers"; they operate by changing clipboard data. Typically, clippers are used to redirect outgoing cryptocurrency transactions by replacing the intended wallet'
Securesoftwarepc[.]com is a shady website running the "McAfee - Your PC is infected with 5 viruses!" scam and asking for permission to show notifications. Our team has discovered this deceptive page while examining other pages of this kind that use rogue advertising networks. The purpose o
MySpace Tab is an application that we discovered on a shady website offering to "download and install recommended Chrome extension". After testing the app, we learned that it is a browser hijacker that promotes a fake search engine. It changes some of the browser's settings to search.spaceytab.com