Buyers Assistant is presented as an app that lets users "buy with confidence and speed on eBay". We have discovered Buyers Assistant on a deceptive website that recommends installing an extension on a Chrome browser. After examining the app, we found that it displayed unwanted advertisements. Buye
While inspecting new submissions to VirusTotal, our researchers found ANUBIZ LOCKER - a ransomware-type program that is part of the Babuk ransomware family. Once executed on our test system, ANUBIZ LOCKER encrypted files and appended their filenames with a ".lomer" extension. For example, a file
Ooii is ransomware that has been discovered by our team while checking VirusTotal for recently submitted malware samples. We found that Ooii is part of the Djvu ransomware family. In addition to encrypting files, Ooii renames them by appending the ".ooii" extension and provides a ransom note (crea
ElementryCheck is a rogue app that our researchers discovered during a routine inspection of new submissions to VirusTotal. After analyzing it, we determined that ElementryCheck operates as adware. Additionally, we learned that this piece of software belongs to the AdLoad malware family.
Our malware researchers have discovered the Professor ransomware while examining malware samples submitted to VirusTotal. They have learned that Professor is part of the VoidCrypt ransomware family. This variant encrypts files and appends the profes0r@tutanota.com email address, a string of random
We discovered the External Links Tool application after using an installer downloaded from a deceptive website, claiming that a browser extension may be outdated. After analyzing this app, we found that it generates ads (it functions as adware). Although, it is described as a tool that examines ex
Check-the-trend[.]com is a rogue webpage promoting browser notification spam. It is also capable of redirecting visitors to other unreliable and dangerous sites. Our research team discovered this page while inspecting sites that employ rogue advertising networks. Most users enter check-the-trend[.
Discovered by our research team during a routine inspection of new submissions to VirusTotal, FreshSkill is a rogue application. After analyzing it, we determined that it is a piece of advertising-supported software (adware) belonging to the AdLoad malware family. Adware can require cert
While inspecting new malware submissions on VirusTotal, our researchers found Ew328 ransomware. Once launched on our test machine, this malicious program encrypted files and appended their filenames with a random character string and the ".ew328" extension. For example, a file originally titled "
EvilNominatus (also known as EvilNominatusCrypto and NominatusStrike) is ransomware that we discovered while checking the malware samples on VirusTotal. The purpose of EvilNominatus is to encrypt files. We also found that it renames files by appending "-Locked" to their names and displays a pop-up