"YOUR GOOGLE HAS (4) CRITICAL VULNERABILITIES!" is a scam targeting Android users, which we discovered when researching rogue websites. The scheme claims that the site visitor's device is infected and will be blocked - unless they install a "Google Chrome" application. We identified the piece of
Our team has discovered this scam website while analyzing pages that use shady advertising networks. We have examined this page and concluded that it is disguised as a legitimate platform offering to synchronize cryptocurrency wallets with the blockchain. We also found that this site is flagged as
Medusa is the name of a banking trojan that we have researched and analyzed a sample obtained from VirusTotal. This malware targets Android operating systems; it enables remote access control over infected devices and can extract a wide variety of vulnerable data from them. Initially, Medusa was
Sncip is the name of ransomware that we have discovered while checking the VirusTotal page for recently submitted malware samples. Our team has tested Sncip and learned that it encrypts files and appends a string of random characters and the ".sncip" extension to their filenames. Also, it creates
Discovered by our researchers during a routine inspection of sites that use rogue advertising networks, TravelNow is a rogue application. After analyzing it, we determined that it operates as advertising-supported software (adware). Adware is designed to run intrusive advertising campaigns
We have examined the Aumcc ransomware and found that it encrypts files, appends a string of random characters and the ".aumcc" extension to filenames, and generates a ransom note (a text file named "3LUo_HOW_TO_DECRYPT.txt"). Our team has discovered Aumcc while checking the malware samples submitt
Thecred[.]info is a deceptive website that we have discovered while testing illegal movie streaming, torrent, and similar sites that use questionable advertising networks. After examining thecred[.]info, we found that the purpose of this site is to get permission to show notifications and redirect
GpCODE is a malicious program belonging to the Xorist ransomware family, which our researchers found when inspecting new submissions to VirusTotal. On our test system, this ransomware encrypted files and appended the filenames with a ".GpCODE" extension. For example, a file initially titled "1.jp
We have learned about the OptionFlow application while reading forums. Our researchers have concluded that OptionFlow functions as adware - it generates advertisements. We have also found that this app slows down the Safari web browser and can remove apps designed to block advertisements.
We have discovered the kn33-m3dicin3[.]xyz site while examining other pages (various illegal streaming, torrent sites) that use questionable advertising networks. After analyzing this page, we have learned that it displays deceptive content (a fake security alert) and asks for permission to show u