Our researchers discovered TechProduct while investigating new file submissions to the VirusTotal site. This rogue application is classed as adware. TechProduct belongs to the AdLoad malware family. Advertising-supported software generates revenue for its developers/publishers through advertisin
ParameterPortal is a rogue app discovered by our researchers during a routine inspection of new file submissions to the VirusTotal platform. This application is advertising-supported software (adware) from the AdLoad malware family. Adware generates revenue for its developers/publishers
Our analysis shows that BasicOperator is adware, and security vendors flag it as malicious. It can generate annoying and deceptive advertisements that may direct users to unsafe web pages. Thus, installing BasicOperator can expose users to various online threats. This app should not be trusted a
We have examined ExpandedSync and found that it is adware that security tools flag as malicious. It can display intrusive and misleading ads that lead to potentially harmful websites. So, it is crucial to remove ExpandedSync from affected devices as soon as possible to avoid potential security r
SafePay is ransomware, a type of malware that encrypts victim's files to extort money. In addition to encrypting files, SafePay appends ".safepay" to them and generates a ransom note ("readme_safepay.txt"). An example of how SafePay renames files: it changes "1.jpg" to "1.jpg.safepay", "2.png" to
During our inspection, we found that UpgradeView is adware that security vendors flag as malicious. Upon installation, the app can generate misleading advertisements to promote potentially malicious web pages. Typically, users unintentionally install apps like UpgradeView and are advised to remo
DynamicEntry is a rogue application discovered by our researchers during a routine inspection of new file submissions to the VirusTotal platform. Our analysis revealed that this app is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. Typica
While investigating deceptive websites, our researchers discovered this fake "Microsoft Defender" browser extension. This software is not associated with the real Microsoft Defender Antivirus or its developer – the Microsoft Corporation. The malicious extension can modify browser appearance/behavi
I2PRAT is a Remote Access Trojan (RAT) written in the C++ programming language. It is a piece of advanced malicious software that enables remote access/control over infected machines. Since November 2024, I2PRAT has been observed being proliferated via ClickFix scams. I2PRAT is a tri-layer
Our analysis of the email has shown that it is a scam email disguised as a notification regarding a Bitcoin winning. Generally, the email claims that the recipient has won a large sum of money to trick them into disclosing personal information and likely transferring money to scammers. This and si