While checking out new submissions to the VirusTotal platform, our research team found the EnvironmentMax rogue app. After examining it, we determined that it is advertising-supported software (adware). EnvironmentMax is part of the AdLoad malware group. The purpose of adware is to gener
DisplayProgress is a rogue application discovered by our researchers during a routine review of new file submissions to the VirusTotal platform. After examining this app, we learned that it is adware from the AdLoad malware family. DisplayProgress generates revenue for its developers/publishers
Our research team discovered the CodesTerminal application while inspecting file submissions to the VirusTotal website. After investigating this piece of software, we determined that it is adware. CodesTerminal belongs to the AdLoad malware family. Adware stands for advertising-supported
r77 is a rootkit – a collection of malicious software that enables unauthorized access to systems. This rootkit was developed with a strong emphasis on stealth. It can hide files, registry keys, tasks, and even inject itself into specific software. r77 has been observed being proliferated via "Cli
We have reviewed the email and found that it is an advance-fee scam designed to manipulate victims into providing personal information and (or) making fraudulent payments. Such emails usually contain fake claims to deceive recipients. They should be ignored to avoid monetary loss, identity theft,
KeyParameter is an adware-type application discovered by our researchers during a routine inspection of file submissions to the VirusTotal website. This app is part of the AdLoad malware family. KeyParameter aims to generate revenue for its developers/publishers through advertising. Adwa
Arcane is an information stealer that collects sensitive data from infected systems, including gaming clients, VPNs, and network utilities. It is spread through fake YouTube videos offering game cheats. It is worth noting that a similarly named stealer exists, named Arcane Stealer V. But it bears
Mamona is a ransomware-type program that encrypts files and demands payment for their decryption. It adds a ".HAes" extension to the filenames of affected files. For example, a file originally named "1.jpg" appears as "1.jpg.HAes", "2.png" as "2.png.HAes", etc. After the completion of this proces
Data is ransomware we discovered during our routine analysis of malware samples uploaded to VirusTotal. This ransomware encrypts files and appends an email address and the ".data3" extension to them. Data also changes the desktop wallpaper and provides a ransom note in a file named "#Read-for-reco
We have inspected easydefender[.]site and found that it hosts the "TROJAN_2023 And Other Viruses Detected (5)" scam. Also, the site requests permission to show notifications. Usually, when pages like this one are allowed to send notifications, they bombard users with fake warnings and similar cont