Our research team found the SmartOperator application during a routine inspection of new file submissions to the VirusTotal platform. Our investigation revealed that this piece of software is adware belonging to the AdLoad malware family. Advertising-supported software usually operates by displ
Our researchers found the news-penifi[.]com rogue page while investigating untrustworthy websites. Upon examination, we learned that this webpage promotes browser notification spam and redirects users to other (likely dubious/dangerous) sites. Most visitors to news-penifi[.]com and analogous page
NetworkSource is a rogue application discovered by our researchers during a routine inspection of new submissions to the VirusTotal platform. After examining this app, we determined that it is adware. NetworkSource is part of the AdLoad malware family. Software within this classification generat
While browsing file submissions to the VirusTotal website, our research team discovered the RecordTransaction app. Upon examination, we determined that it is adware from the AdLoad malware family. RecordTransactionis is designed to generate revenue for its developers/publishers through advertisi
This is a phishing attempt disguised as a notification from booking.com regarding a complaint raised by a lodger. Scammers behind this scam use emails with links to fake websites or attachments with links to fake sites. The purpose of the scam is to promote a social engineering tactic known as Cli
Our researchers found the OpticalClient adware-type app during a routine inspection of new file submissions to VirusTotal. OpticalClient belongs to the AdLoad malware family. Advertising-supported software (adware) is designed to run intrusive advertisement campaigns. Adware typically en
Our team has examined ProgressMapper and determined that it primarily functions to serve advertisements. This type of software is categorized as adware. ProgressMapper is capable of displaying deceptive ads, often directing users to unreliable or potentially harmful websites. As a result, it is
After inspecting this "TNT Express" email, we determined that it is fake. This spam letter concerns shipment documents that need to be signed. The email has a phishing file attached, and recipients can get their email accounts stolen by scammers if they enter their log-in credentials into it. It
We discovered Hyena ransomware while analyzing malware samples submitted to VirusTotal. During the examination, we found that Hyena is part of the MedusaLocker family. The ransomware encrypts files and appends the ".hyena111" extension. Also, Hyena provides a ransom note ("READ_NOTE.html") and cha
Our team has inspected ProductConfig and discovered that its purpose is to display advertisements. Apps with such traits are classified as adware. ProductConfig can show misleading ads designed to promote untrustworthy websites. Therefore, users should avoid installing ProductConfig on their com