Our team has discovered a new Djvu ransomware sample called Iips while examining websites offering to download cracked/pirated software. After analyzing the ransomware sample, we found that Iips appends the ".iips" extension to filenames and creates the "_readme.txt" file containing a ransom note.
We have discovered the ConvertersCoolSearch application while visiting websites that use shady advertising networks. After downloading and testing the app, our team has noticed that it hijacks a web browser: it changes the settings of the affected browser to promote converterscoolsearch.com - a fa
We have discovered the download page for LiveTab - Live Streams in your Browser Tab while testing shady advertisements. It is presented as a tool for finding new games and live streams on Twitch and YouTube. After analyzing the app, we have learned that it is a browser hijacker designed to promote
We discovered the Ljubi ransomware while checking the malware samples submitted to VirusTotal (it was originally discovered by Petrovic). Our team has analyzed this ransomware and found that it does three things: it encrypts files, appends the ".ljubi" extension to filenames, and creates the "How
PlatformCache is a rogue application. After inspecting this piece of software, we have determined that it is a piece of advertising-supported software (adware) belonging to the AdLoad malware family. After successful installation onto our test system, PlatformCache displayed various adve
We have discovered the ViewsAdjustable while checking the samples submitted to VirusTotal. While this application was installed on our computer, it displayed unwanted advertisements. Thus, our team has concluded that ViewsAdjustable is an advertising-supported app (numerous security vendors on V
Payments4u[.]org is a rogue webpage our researchers discovered while inspecting untrustworthy sites. This page is designed to promote spam browser notifications and uses fake CAPTCHA verification for this purpose. Most users access websites like payments4u[.]org via others that use rogue advertisi
Wroba (also known as XLoader or MaqHao) is a backdoor-type malicious program, which our researchers have sampled from VirusTotal. This Android OS-targeting malware has been observed being proliferated via the "Roaming Mantis" SMiShing campaign. Initial operations centered Asia - Japan, Taiwan, Kor
Our malware researchers have discovered the aderstono[.]com site while analyzing various torrent, illegal movie streaming, and similar websites that use shady advertising networks. We have found that aderstono[.]com can show untrustworthy notifications and redirect visitors to other pages.
Iskaluz is a ransomware-type program designed to encrypt data and demand payment for the decryption. Our researchers found this malware while researching new submissions on VirusTotal. We have determined that Iskaluz belongs to the Paradise ransomware family. After being launched on our test mach