Rafel (also known as Ratel) is an open-source Remote Access Trojan (RAT) that targets Android devices. This program enables remote control over infected machines. Rafel can manipulate devices, steal data, and operate as ransomware. This RAT is compatible with Android versions 5 through 12 and has
Our researchers discovered ExtendedGuide while investigating new submissions to the VirusTotal site. Upon inspection, we learned that this application is adware. ExtendedGuide is part of the AdLoad malware family. Advertising-supported software is designed to feed users with unwanted and malicio
CommonParameter is a rogue app that we found during a routine inspection of new file submissions to the VirusTotal website. After examining this piece of software, we determined that it is adware from the AdLoad malware family. CommonParameter is designed to run intrusive ad campaigns, and it ma
While browsing new file submissions to the VirusTotal platform, our research team discovered the AssistRadio app. Our examination revealed that it is advertising-supported software (adware) from the AdLoad malware family. AssistRadio is designed to generate revenue for its developers through adv
Our researchers found nonprilor[.]com while investigating suspicious websites. Upon examination, we determine that this rogue webpage promotes browser notification spam and redirects users to other (likely unreliable/hazardous) sites. Most visitors to nonprilor[.]com and similar pages happen upon
Our research team discovered the ConnectionTiming app while investigating new file submissions to the VirusTotal platform. After examining this application, we learned that it is advertising-supported software (adware). ConnectionTiming is part of the AdLoad malware family. This software is desi
VirtualPartition is a rogue application discovered by our researchers during a routine inspection of new file submissions to VirusTotal. Upon examining the software, we determined that it is adware from the AdLoad malware family. Advertising-supported software is designed to feed users with unde
Our research team discovered FortyFy through a deceptive webpage, which was reached via redirect caused by a Torrenting website that uses rogue advertising networks. This browser extension supposedly prevents access to potentially harmful sites. The installer promoting FortyFy contained a variety
Fickle is a stealer-type malware written in the Rust programming language. This malicious program is designed to steal vulnerable information from devices. Fickle has bee around since at least the spring of 2024. This stealer is highly flexible and can infiltrates system in several different multi
After investigating several "Conflict With Your Company Name Or Trademark" emails, we determined that they are spam. These fake letters claim that a registration attempt has been made with the .cn domain that includes keywords associated with recipients' company names or trademarks. The purpose of