Our malware researchers have discovered the Professor ransomware while examining malware samples submitted to VirusTotal. They have learned that Professor is part of the VoidCrypt ransomware family. This variant encrypts files and appends the profes0r@tutanota.com email address, a string of random
We discovered the External Links Tool application after using an installer downloaded from a deceptive website, claiming that a browser extension may be outdated. After analyzing this app, we found that it generates ads (it functions as adware). Although, it is described as a tool that examines ex
Check-the-trend[.]com is a rogue webpage promoting browser notification spam. It is also capable of redirecting visitors to other unreliable and dangerous sites. Our research team discovered this page while inspecting sites that employ rogue advertising networks. Most users enter check-the-trend[.
Discovered by our research team during a routine inspection of new submissions to VirusTotal, FreshSkill is a rogue application. After analyzing it, we determined that it is a piece of advertising-supported software (adware) belonging to the AdLoad malware family. Adware can require cert
While inspecting new malware submissions on VirusTotal, our researchers found Ew328 ransomware. Once launched on our test machine, this malicious program encrypted files and appended their filenames with a random character string and the ".ew328" extension. For example, a file originally titled "
EvilNominatus (also known as EvilNominatusCrypto and NominatusStrike) is ransomware that we discovered while checking the malware samples on VirusTotal. The purpose of EvilNominatus is to encrypt files. We also found that it renames files by appending "-Locked" to their names and displays a pop-up
Our researchers found a dubious download page promoting the Key Web browser extension - during a routine inspection of sites using rogue advertising networks. After analyzing this piece of software, we determined that it is a browser hijacker that promotes the keysearchs.com illegitimate search en
During a routine inspection of rogue sites, our researchers discovered safewinodws[.]com. This webpage is designed to load deceptive content, promote browser notification spam, and redirect visitors to other unreliable/harmful pages. Most visitors to safewinodws[.]com and websites akin to it - en
We have discovered the SearchAim application after executing a fake Adobe Flash Player installer downloaded from a deceptive page. While installed, SearchAim displayed various untrustworthy advertisements. Thus, we have concluded that SearchAim is an advertising-supported application. Ou
The "OpenSea email scam" refers to a phishing spam campaign targeting OpenSea - NFT (Non-Fungible Token) marketplace accounts. These fake letters lure recipients into disclosing their account log-in credentials by claiming that they need to move their listings to avoid their expiration and additio