During our routine examination of malware samples submitted to VirusTotal, we discovered ransomware belonging to the Xorist family called Hunters. Cybercriminals use the malware to encrypt files and demand a ransom for a decryption tool. Also, Hunters renames files and provides a ransom note, "HOW
During our review of archerclus[.]com, we identified that the site shows misleading content and wants to display notifications. If users grant this permission, the site can send deceptive notifications that can lead to other untrustworthy websites. Thus, archerclus[.]com should be avoided and clos
Instaheadlines[.]site is a rogue webpage designed to promote browser notifications spam and redirect users to different (likely dubious/malicious) sites. Most visitors access pages of this kind through redirects produced by websites that utilize rogue advertising networks. Our research team disco
Our researchers discovered the hellflusione[.]com rogue page during a routine investigation of untrustworthy websites. After examining this webpage, we learned that it promotes spam browser notifications and produces redirects to other (likely dubious/hazardous) sites. Hellflusione[.]com and simi
Our researchers discovered the gwrldtpnws1[.]xyz rogue page while browsing suspect websites. Upon examination, we learned that this webpage endorses browser notification spam and redirects visitors to different (likely untrustworthy/dangerous) sites. The majority of users that access gwrldtpnws1[
A new information-stealing malware has surfaced, spread by cybercriminals through a fraudulent DeepSeek website. DeepSeek AI, a Chinese company specializing in advanced language models similar to ChatGPT, has recently gained popularity. As is common, cybercriminals have found a way to exploit this
While reviewing new submissions to the VirusTotal site, our researchers discovered the NetCollection application. It is advertising-supported software (adware) from the AdLoad malware family. NetCollection is designed to deliver intrusive ad campaigns. Typically, adware operates by displ
ValidInitiator is a rogue app discovered by our research team during a routine inspection of new submissions to the VirusTotal site. After examining this piece of software, we determined that it is adware from the AdLoad malware family. Adware stands for advertising-supported software. A
In our analsyis of madrinabee[.]com, we discovered that this page displays deceptive content and requests permission to show notifications. If permitted, madrinabee[.]com can deliver misleading notifications to trick users into opening other shady sites. Thus, this and the associated websites shou
Our researchers discovered OpticalManager during a routine inspection of new file submissions to the VirusTotal platform. After examining this app, we learned that it is adware. OpticalManager belongs to the AdLoad malware family. Advertising-supported software is designed to deliver intrusive a