Our malware researchers have discovered a new Dharma ransomware variant called Snwd (it was found during the analysis of malware samples submitted to VirusTotal). Snwd encrypts files and appends the victim's ID, snowwind@tutanota.com email address, and the ".snwd" extension to filenames. Its ranso
After analyzing the Search-Guard browser extension, our researchers determined that it operates as a browser hijacker. This piece of software makes modifications to browser settings in order to promote (by causing redirects to) the search-guard.xyz fake search engine. When installed on our
Our researchers discovered EmergingZip while inspecting new submissions to VirusTotal. After analyzing this application, we determined that it is a piece of advertising-supported software. Additionally, this adware belongs to the AdLoad malware family. Software like EmergingZip may need
Clean-your-pc[.]xyz is a rogue site designed to load deceptive content, promote browser notification spam, and redirect visitors to other (likely dubious/malicious) webpages. Our research team discovered this page while checking out untrustworthy websites. Users seldom access sites like clean-you
Messagereceiver[.]com is a deceptive website that uses a clickbait technique to trick visitors into allowing it to show notifications and redirects them to other pages. We have discovered it while examining sites that use rogue advertising networks. It is very uncommon for pages like messagereceiv
DeezNuts Crypter is a piece of malicious software classified as ransomware. Our research team found it while inspecting new submissions to VirusTotal. After being launched on our test machine, this ransomware encrypted files and renamed them by inserting ".deeznuts-crypter" between the original f
LocatorUpdate is the name of an application that we have discovered while analyzing shady websites. After testing the app, we learned that its purpose is to display intrusive advertisements. LocatorUpdate is a typical advertising-supported application that provides no real value to its users.
Our team has discovered the visible dark application/browser extension on a deceptive page. That page got opened while visiting other websites that use shady advertising networks. After examining the visible dark application, we found that it displays annoying advertisements. Thus, it was conclude
FeaturePremium is a piece of rogue software that our researchers discovered while inspecting new submissions to VirusTotal. Our analysis uncovered that this app operates as adware and belongs to the AdLoad malware family. Adware may not deliver intrusive advertisement campaigns (display
Our team has discovered the p03try-c4t3g0ry[.]xyz website while examining illegal movie streaming, torrent, and similar sites (pages that use rogue advertising networks). P03try-c4t3g0ry[.]xyz is a page that runs the "You've Visited Illegal Infected Website" scam. Also, this untrustworthy site ask