While browsing file submissions to the VirusTotal website, our research team discovered the RecordTransaction app. Upon examination, we determined that it is adware from the AdLoad malware family. RecordTransactionis is designed to generate revenue for its developers/publishers through advertisi
This is a phishing attempt disguised as a notification from booking.com regarding a complaint raised by a lodger. Scammers behind this scam use emails with links to fake websites or attachments with links to fake sites. The purpose of the scam is to promote a social engineering tactic known as Cli
Our researchers found the OpticalClient adware-type app during a routine inspection of new file submissions to VirusTotal. OpticalClient belongs to the AdLoad malware family. Advertising-supported software (adware) is designed to run intrusive advertisement campaigns. Adware typically en
Our team has examined ProgressMapper and determined that it primarily functions to serve advertisements. This type of software is categorized as adware. ProgressMapper is capable of displaying deceptive ads, often directing users to unreliable or potentially harmful websites. As a result, it is
After inspecting this "TNT Express" email, we determined that it is fake. This spam letter concerns shipment documents that need to be signed. The email has a phishing file attached, and recipients can get their email accounts stolen by scammers if they enter their log-in credentials into it. It
We discovered Hyena ransomware while analyzing malware samples submitted to VirusTotal. During the examination, we found that Hyena is part of the MedusaLocker family. The ransomware encrypts files and appends the ".hyena111" extension. Also, Hyena provides a ransom note ("READ_NOTE.html") and cha
Our team has inspected ProductConfig and discovered that its purpose is to display advertisements. Apps with such traits are classified as adware. ProductConfig can show misleading ads designed to promote untrustworthy websites. Therefore, users should avoid installing ProductConfig on their com
In our analysis, we discovered that enhancedefense[.]com runs the "You've visited illegal infected website" scam and can send deceptive notifications (if permission is given). Enhancedefense[.]com can expose users to other scams and untrustworthy websites. Users should not visit enhancedefense[.]c
Our researchers discovered totalwebarmorsolutions[.]com while browsing suspect sites. We determined that this rogue webpage promotes browser notification spam and produces redirects to different (likely unreliable/dangerous) websites. Visitors to totalwebarmorsolutions[.]com and pages akin to it
During a routine inspection of new submissions to the VirusTotal platform, our researchers discovered the ProjectSet application. After examining this piece of software, we determined that it is adware from the AdLoad malware family. Apps within this classification typically operate by displayi