JS/Agent Trojan is a detection name for malicious JavaScript files. Typically, such files (malicious codes) are distributed by injecting them into legitimate websites. Computers get infected after a malicious (or legitimate but compromised) website is visited, and a malicious file is dropped.
Health Adviser is advertised as an app for finding meal plans and recipes. It helps users to learn how to cook. We have discovered this app on a deceptive website offering to download a "recommended Chrome extension". After installing and examining the Health Adviser app, we found that it operates
During a routine inspection of deceptive download pages, our research team discovered the Rainbow Blocker browser extension. This piece of software claims to be an adblocker (online advertisement remover); instead, it operates as adware. After analyzing Rainbow Blocker, we learned that it displays
Our malware researchers have discovered Xcbg while examining malware samples submitted to VirusTotal. It was found that Xcbg is ransomware designed to encrypt and rename files (append the ".xcbg" extension to filenames) and create the "_readme.txt" file. We also learned that Xcbg belongs to the Dj
Kqgs is a ransomware-type program that our research team discovered during a routine inspection of new malware submissions to VirusTotal. We determined that Kqgs belongs to the Djvu ransomware family. After analyzing this malicious program, we learned that it encrypts data and appends the filenam
This malware was discovered by Petrovic. It was found that Bpqd operates as ransomware - it encrypts files. Also, it appends the ".bpqd" extension to filenames (for example, renames "1.jpg" to "1.jpg.bpqd", "2.png" to "2.png.bpqd"), and creates a ransom note ("_readme.txt" file). Bpqd is part of t
Financesurvey[.]site is a deceptive website that displays a fake survey, asks for permission to show notifications, and promotes other websites. Our team has discovered this site while examining illegal movie streaming, torrent, and similar pages. It was concluded that this page cannot be trusted.
Our team has discovered a ransomware variant called Report while inspecting the malware samples submitted to VirusTotal. It was found that Report is of the ransomware variants that belong to the Xorist family. Once executed, it encrypts files and appends the ".report" extension to filenames. Repo
Our team has discovered the SmartProducts application while analyzing the samples submitted to VirusTotal. After examining the app, it was found that it generates advertisements - SmartProducts is an advertising-supported application. A big part of apps like SmartProducts is promoted and (or) di
We have discovered this pop-up scam while testing various websites that use rogue advertising networks (display shady ads and redirect visitors to untrustworthy pages). We concluded that the purpose of this pop-up scam is to trick visitors into believing that their computers are infected with malw