Kashima is a piece of malicious software categorized as ransomware. Our research team discovered it during a routine inspection of new submissions to VirusTotal. Typically, ransomware operates by encrypting files for the purpose of making ransom demands for their decryption. However, after analyz
Our team has discovered the AdzShield application while auditing shady websites that display pop-ups to promote it. After testing the app, we learned that it operates as adware - it generates intrusive advertisements. Pretty often, adware developers conceal the fact that their software generates a
PointAnalytics is a rogue app that was reported by a user on a support forum. After analyzing this piece of software, our researchers determined that it operates as adware. Additionally, we learned that PointAnalytics belongs to the AdLoad malware family. Once installed onto our test mac
pEaKyBlNdEr is ransomware that belongs to the Xorist family. We have discovered it while checking the VirusTotal site for recently submitted malware samples. After analyzing pEaKyBlNdEr, we learned that it encrypts files and appends ".pEaKyBlNdEr" extension to filenames. It provides ransom notes i
We have discovered GootLoader malware while examining legitimate but compromised websites (mainly websites managed using WordPress). It was found that GootLoader is used to infect computers with additional malware. Cybercriminals using GootLoader seek to trick users into unknowingly downloading an
We have discovered the Xioxian while analyzing malware samples submitted to the VirusTotal page. It was found that Xioxian is ransomware. It encrypts files, appends the ".xioxian" extension to filenames, and generates a ransom note (the "#Congratulations#.txt" file). An example of how Xioxian mod
During a routine inspection of new malware submissions to VirusTotal, our research team found the Ynzwj ransomware. This program operates by encrypting data (rendering it inaccessible) and demanding payment for the decryption (access recovery). On our test machine, this ransomware appended the fi
After analyzing StreamUltraSearch, we determined that it operates as a browser hijacker. This piece of software modifies browser settings to promote the streamultrasearch.com fake search engine. Once installed onto our test machine, StreamUltraSearch reassigned the browser's default search
TechPartition is a rogue app our research team found while checking out new submissions to VirusTotal. When we installed this piece of software onto our test machine, we learned that it operates as adware. Additionally, we determined that TechPartition belongs to the AdLoad malware family.
Notificationstech[.]com is an untrustworthy website designed to trick visitors into allowing it to show notifications. Our team has discovered it while inspecting other sites that use rogue advertising networks (various illegal streaming, torrent sites, and so on). Another problem with notificatio