Wroba (also known as XLoader or MaqHao) is a backdoor-type malicious program, which our researchers have sampled from VirusTotal. This Android OS-targeting malware has been observed being proliferated via the "Roaming Mantis" SMiShing campaign. Initial operations centered Asia - Japan, Taiwan, Kor
Our malware researchers have discovered the aderstono[.]com site while analyzing various torrent, illegal movie streaming, and similar websites that use shady advertising networks. We have found that aderstono[.]com can show untrustworthy notifications and redirect visitors to other pages.
Iskaluz is a ransomware-type program designed to encrypt data and demand payment for the decryption. Our researchers found this malware while researching new submissions on VirusTotal. We have determined that Iskaluz belongs to the Paradise ransomware family. After being launched on our test mach
Our team has discovered the Nissenvelten ransomware while checking VirusTotal for recently submitted malware samples. After testing this ransomware, it has been concluded that it encrypts files, appends the ".nissenvelten-sjj3hhut" extension to filenames, and creates a ransom note (the "!nissenvel
Discovered by our researcher team while analyzing fake Adobe Flash Player updaters, AdjustableControl is a rogue app. After investigating this piece of software, our researchers conclude that it is an adware-type application belonging to the AdLoad malware family. Once installed onto our
We have discovered the TaskSample application after using a fake installer downloaded from a deceptive website. During our analysis, we have found that TaskSample has the qualities of adware - it displays unwanted advertisements. Software of this type is not trustworthy. Our team has tes
"Important Update From Mail Server Registrar" is the name of a phishing email received and analyzed by our research team. This letter makes false claims about incoming/outgoing mail being suspended and urges recipients to resolve the issue. This spam letter aims to trick recipients into revealing
We have downloaded and tested the Top Movies Links | Digital Content Online app and found that it has the qualities of a browser hijacker. It promotes a fake search engine (the topmovieslinks.com address) by changing the settings of a web browser. We have discovered this browser-hijacking app whil
Our team has discovered the PickMySearch application while checking deceptive websites. We have tested this app and found that it is a browser hijacker that promotes a fake search engine (pickmysearch.com) by changing the setting of the affected browser. Apps of this type cannot be trusted.
News-caloto[.]cc is a rogue website designed to push browser notification spam. It can also redirect visitors to other dubious/malicious webpages. Our researchers discovered news-caloto[.]cc while analyzing sites that use rogue advertising networks. Redirects caused by the aforementioned pages is