StilachiRAT is a remote access trojan (RAT) that employs advanced techniques to evade detection, maintain persistence in the infected system, and steal a wide range of sensitive data. This malware poses a significant threat to both individuals and organizations. Thus, it should be eliminated from
Our researchers discovered the "Upgrade Your Windows Antivirus Software" scam while investigating browser notification spam. The scam is presented as a Microsoft/Windows alert urging users to upgrade their anti-virus. The goal is to deceive victims into downloading/installing or purchasing the pro
We have inspected the site and determined that it hosts a pop-up scam. This scam involves a fraudulent message warning users about supposedly detected viruses or other threats. It is important to recognize and ignore such scams (close deceptive pages) to avoid potential issues. Upon visiti
We have tested smart-search-engine.com and discovered that it is a fake search engine. Using smart-search-engine.com can expose users to unreliable websites hosting deceptive or similar content. It is worth noting that fake search engines are often promoted through unwanted browser extensions know
Our inspection shows that LeadShared is designed to generate advertisements, classifying it as adware. Additionally, multiple security vendors have flagged the app as malicious. Users should avoid trusting LeadShared and uninstall it if it is already present on their device. LeadShared c
Our research team discovered the curestin.co[.]in rogue page while browsing dubious websites. After investigating this webpage, we learned that it promotes browser notification spam and generates redirects to other (likely unreliable/hazardous) sites. The majority of visitors to curestin.co[.]in
While investigating spam browser notifications, we discovered the "URGENT: Scan Your PC" scam. It states that the website visitor's device is infected, and their identity is at risk of theft. The scam's purpose is to trick users into downloading/installing or purchasing the promoted software.
VanHelsing is a ransomware-type program. It operates by encrypting files and demanding payment for the decryption. VanHelsing attacks also employ double extortion tactics, i.e., pressure victims into paying by threatening them with data leaks. On our test machine, this ransomware encrypted files
While inspecting new file submissions to the VirusTotal site, our researchers discovered the PrimaryBalance adware. This application belongs to the AdLoad malware family. PrimaryBalance is designed to generate revenue for its developers through advertising. Adware stands for advertising-
Our analysis of ExecutiveSection shows that this application is designed to display advertisements. Therefore, we classified it as adware. Additionally, we found that ExecutiveSection has been flagged as malicious by multiple security vendors. Users should not trust ExecutiveSection and remove i