Nordteam is ransomware belonging to the Spora ransomware family. We discovered this variant while inspecting malware samples submitted to the VirusTotal page. Our team found that Nordteam encrypts files and appends four random characters to filenames as the extension. Also, it creates "ReadMe.hta"
DesignPaper is a piece of rogue software that our research team found while inspecting new submissions to VirusTotal. After analyzing this app, we determined that it is adware and belongs to the AdLoad malware family. Adware is designed to display adverts on visited websites and/or diffe
Dark-Display is described as an app that provides a dark mode for simple websites. After downloading and adding this app to a web browser, we learned that it shows unwanted advertisements. Thus, we classified Dark-Display as adware. Ads displayed by adware can open untrustworthy websites.
We have discovered the Dropbox Update Setup while examining various cracked software distribution websites. We have inspected the downloaded "Setup.exe" file and found that it runs in the Task Manager as "Dropbox Update Setup". It causes high CPU usage, which means it may be crypto-mining malware.
During a routine inspection of new malware submissions to VirusTotal, our research team discovered the EAF ransomware. After we launched a sample of EAF on our test system, we learned that it encrypts files and changes their filenames. File titles were prepended with the cyber criminals' email ad
DevelopEfficient is an application that our team has discovered while examining deceptive web pages. We have tested this app and found that it displays annoying advertisements. Software of this type is called adware. Typically, users install software of this type unintentionally. In most
Bhrnkw[.]com is a rogue webpage that our research team found while inspecting dubious sites. It operates by promoting spam browser notifications and redirecting visitors to other (likely untrustworthy/malicious) websites. Most users enter pages like bhrnkw[.]com via redirects caused by websites us
Our researchers found the DigitalPaper application during a routine inspection of new submissions to VirusTotal. Our analysis of this app revealed that it operates as advertising-supported software (adware) and belongs to the AdLoad malware family. Adware enables the placement of various
To go web is a rogue browser extension. After analyzing this piece of software, we determined that it operates as a browser hijacker. To go web modifies browser settings to promote the togosearching.com fake search engine. Additionally, this browser hijacker spies on users' browsing activity.
Safemacpc[.]xyz displays deceptive content (runs the "McAfee - Your PC is infected with 5 viruses!" scam) and asks for permission to show notifications. It uses a scare tactic to promote legitimate software. It is operated by affiliates who aim to collect illegitimate commissions. Our team has di