Our team has discovered the FlowSurplus application while inspecting the samples submitted to VirusTotal. After analyzing the application, it was found that FlowSurplus is an advertising-supported application that displays intrusive advertisements. As a rule, apps of this type are distributed us
Discovered by the cybercrime prevention company ThreatFabric, Xenomorph is an Android malware that targets banking information. According to our research, this malicious program is still in the development stages. However, it already has over fifty European banks on its target list. This malware'
We have discovered the LOCKFILE ransomware while checking VirusTotal for recently submitted malware samples. After analyzing this ransomware, we learned that it encrypts files, appends ".LOCKFILE" extension to filenames, and generates three ransom notes: two pop-up windows and a text file named "Д
Our team has discovered the TaskCentral application while checking the samples submitted to VirusTotal. After analysis, it was concluded that TaskCentral is typical adware - it bombards users with unwanted advertisements. Typically, adware is distributed using deceptive methods. TaskCent
Cavallososo is a piece of malicious software belonging to the ZEPPELIN ransomware family. Our research team found a sample of this ransomware while inspecting new submissions to VirusTotal. Once launched onto our test machine, Cavallososo encrypted files and appended their filenames with a ".Cava
We have discovered the TopMoviesLinks Default Search app while doing our periodical research on shady advertising networks and deceptive pop-ups used to trick users into installing this extension. After testing the app, we have learned that it alters the settings of a browser - it hijacks a browse
Our team has discovered the Rtgf ransomware while analyzing malware samples submitted for VirusTotal. Rtgf belongs to the Djvu ransomware family. It encrypts files and appends the ".rtgf" as their new extension. Also, it creates the "_readme.txt" file to provide victims with contact and payment in
Pushnotstudio[.]com is a rogue site, which our research team discovered while inspecting shady pages. It is designed to push spam browser notifications and cause redirects to other unreliable/malicious websites. Visitors to pushnotstudio[.]com and similar sites primarily access them via redirects
BetterSearch Default Search is a browser extension that we found while inspecting untrustworthy websites. Our researchers classified this piece of software as a browser hijacker. BetterSearch Default Search operates by making changes to browser settings and promotes the better-search.xyz fake sear
Page Darker is a browser extension promising to create a dark mode for simple websites. After analyzing this piece of software, we have determined that it operates as adware. Page Darker delivers intrusive ad campaigns and spies on users' browsing activity. When Page Darker was installed o