FXLocker is the name of a ransomware-type program. It operates by encrypting files in order to demand a ransom payment for the decryption. Once we executed a sample of FXLocker on our test machine, it "locked" files and added a ".fxlocker" extension to their filenames. For example, a file origina
While reviewing new submissions to VirusTotal, our researchers found the OpticalNavigation application. After our analysis, we determined that this app is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software; it is designed to generate revenue for its d
While testing ManagerInterface, we found that it has adware qualities - the app can deliver intrusive advertisements. We also learned that security vendors flag ManagerInterface as malicious. It is advisable to avoid installing ManagerInterface, as it may expose users to various online threats.
NativeWorm is an information stealer targeting Android devices. It can harvest sensitive data without the victim's knowledge. NativeWorm can cause performance issues, data loss, privacy breaches, and other issues Users should remove it immediately if they suspect their device is infected to preven
Salat (also known as WEB_RAT) is a malicious program written in the Go programming language. This malware is designed to steal sensitive information from infected devices, and due to this behavior – it is classified as a stealer. Salat is a stealer-type malware, and upon successful infiltr
Our analysis of vividtales[.]site reveals that it employs clickbait to trick users into granting it permission to show notifications. Once allowed, the site can deliver misleading notifications. To avoid potential risks, users should avoid permitting vividtales[.]site to deliver notifications (and
FINALDRAFT is malware written in the C++ programming language. It is designed for data exfiltration and process injection. It has additional modules that it can inject into systems. FINALDRAFT is typically delivered through PATHLOADER, another piece of malware. Once executed, FINALDRAFT can carry
ElementaryCommand is a rogue application discovered by our researchers during a routine review of new file submissions to the VirusTotal website. After examining this app, we determined that it is adware from the AdLoad malware family. Advertising-supported software is designed to generate reven
Headlinehype[.]site is a rogue webpage that promotes browser notification spam and generates redirects to different (likely unreliable/hazardous) sites. Most visitors to headlinehype[.]site and analogous pages enter them through redirects produced by websites that employ rogue advertising network
Our research team Discovered the bureepriumism[.]com rogue page while investigating untrustworthy websites. Upon inspection, we learned that this webpage promotes spam browser notifications and redirects users to other (likely dubious/dangerous) sites. Bureepriumism[.]com and similar pages are pr