While investigating spam browser notifications, we discovered the "URGENT: Scan Your PC" scam. It states that the website visitor's device is infected, and their identity is at risk of theft. The scam's purpose is to trick users into downloading/installing or purchasing the promoted software.
VanHelsing is a ransomware-type program. It operates by encrypting files and demanding payment for the decryption. VanHelsing attacks also employ double extortion tactics, i.e., pressure victims into paying by threatening them with data leaks. On our test machine, this ransomware encrypted files
While inspecting new file submissions to the VirusTotal site, our researchers discovered the PrimaryBalance adware. This application belongs to the AdLoad malware family. PrimaryBalance is designed to generate revenue for its developers through advertising. Adware stands for advertising-
Our analysis of ExecutiveSection shows that this application is designed to display advertisements. Therefore, we classified it as adware. Additionally, we found that ExecutiveSection has been flagged as malicious by multiple security vendors. Users should not trust ExecutiveSection and remove i
Our research team found FeedNames while inspecting new submissions to the VirusTotal website. Upon analysis, we learned that this application is classified as adware. FeedNames is part of the AdLoad malware family. Advertising-supported software is designed to generate revenue for its developers
After inspecting PrimaryAnalog, we found it to be an unwanted application with adware characteristics. It generates intrusive ads that may lead to unreliable websites. Also, security vendors have flagged the app as malicious. Users should avoid installing PrimaryAnalog and remove it if it is alr
Our researchers discovered xdefender[.]site while investigating dubious websites. Upon examination, we learned that this rogue page endorses browser notification spam and generates redirects to different (likely unreliable/harmful) sites. Visitors to xdefender[.]site and similar webpages primaril
We have inspected WebProcesser and determined that it is an unwanted application with adware qualities. It is designed to display intrusive advertisements that can promote various scams and other shady web pages. Thus, users should avoid installing WebProcesser and remove it if it is already pre
While browsing suspicious websites, our research team discovered the premiumnetwork.co[.]in rogue page. It operates by promoting browser notifications spam and redirecting visitors to other (likely untrustworthy/hazardous) sites. Most users access premiumnetwork.co[.]in and analogous websites via
During our inspection, we found that proninemons[.]com uses a misleading method to lure visitors into granting it permission to display notifications. Once this permission is given, proninemons[.]com sends fake notifications to deceive users into clicking them. Thus, proninemons[.]com should not b