Easy Search is the name of a rogue browser extension, which we have recently discovered. Our researchers have determined this dubious piece of software to be a browser hijacker, promoting the blpsearch.com fake search engine. After being installed onto our test system, the Easy Search brow
Yourdadgone is the name of a ransomware-type program we found when reviewing the newest malware submissions on VirusTotal. On our test machine, this ransomware encrypted files and appended their filenames with a ".yourdadgone" extension. For example, a file like "1.jpg" appeared as "1.jpg.yourdad
When inspecting rogue and deceptive websites, our researchers discovered yet another cryptocurrency giveaway scam. "NASA ETH and BTC Giveaway" is presented as a cryptocurrency mass-adoption scheme. Users are urged to transfer a certain amount of either Ethereum (ETH) or Bitcoin (BTC) cryptocurrenc
Our team has examined the listentoyoutube[.]cc page and concluded that this page offers to convert YouTube videos to MP3 files (while downloading videos from YouTube is a breach of YouTube's Terms of Service), uses rogue advertising networks, and promotes a questionable application. At the
We have tested the Mxpww ransomware and learned that it encrypts files, appends a string of random characters and the ".mxpww" extension to filenames, and creates the "5Fw6_HOW_TO_DECRYPT.txt" file (a ransom note). An example of how Mxpww encrypts files is provided below. Mxpww renames "1.jpg" to
Bio Diversity is a browser extension promoted as a tool for easy access to the largest biodiversity-centered library/archive. Instead, after testing it, we learned that Bio Diversity operates as advertising-supported software (adware). On our test system, Bio Diversity displayed various ad
best darker is the name of a browser hijacker that we have discovered while visiting a deceptive website. After analyzing this application, we found that it hijacks a web browser by changing its settings to ssepm.com - a fake search engine. During the research, we noticed that best darker also cou
SchedulerSkyLoad is another of our researchers' finds detected on VirusTotal. It is an adware-type application from the AdLoad malware family. Once installed onto our test system, SchedulerSkyLoad began displaying various ads. It is pertinent to mention that adware can require certain co
WExtension is the name of ransomware that our team has discovered while checking the samples submitted to VirusTotal. While analyzing WExtension, we found that it encrypts files, appends the ".WExtension" extension to filenames, and creates the "read_it.txt" file containing a ransom note. For exa
Our team has discovered the TypeValue application while inspecting various shady websites encouraging to download fake updates for the installed software. After examining TypeValue, we found that it displays advertisements and hijacks a web browser. Thus, this application can be categorized as a