After reading the "SKY LOTTO" email, we determined that it is spam promoting a lottery-type scam. This mail falsely claims that the recipient has been randomly selected as a winner of a lottery. The purpose of this phishing email is to collect personally identifiable information by tricking users
AllaSenha is a malicious program classed as a RAT (Remote Access Trojan). These trojans enable attackers to gain remote access/control over infected machines. AllaSenha, in particular, is designed to obtain extensive data associated with Brazilian banks. This malware is a variant of the AllaKore R
We have examined searchersgood.com and found that it is a fake search engine. Typically, search engines like searchersgood.com are promoted via extensions that operate as browser hijackers. Extensions of this type modify the settings of web browsers to direct users to unreliable pages. Thus, users
Our researchers discovered Cologne.app adware-type application while browsing new file submissions to the VirusTotal site. This app is part of the Pirrit adware family. Advertising-supported software is designed to run intrusive advertisement campaigns and may possess other harmful functionaliti
We have inspected Becousined.app and determined that it operates as adware—it displays annoying ads to users. Our other finding is that Becousined.app is part of the Pirrit family. Pretty often, users are tricked into installing such apps. In other words, they rarely install apps like Becousined
Search-quickly.com is the address of a fraudulent search engine, which we found while analyzing the Search-Quickly browser hijacker. We discovered this hijacker extension while browsing deceptive websites. Search-Quickly modifies browser settings to promote (via redirects) the search-quickly.com
QRYPT is a ransomware variant that we have discovered while examining malware samples uploaded to the VirusTotal page. This ransomware is designed to encrypt files, append its extension ".qrypt" to filenames, and create a ransom note ("Readme How to Recover.txt"). An example of how QRYPT renames f
We have tested the WonderFind browser extension and found that it hijacks a browser to promote findflarex.com. This process involves changing the settings of a web browser. It is worth noting that WonderFind is promoted as a tool that provides better results and a better browsing experience.
Our researchers discovered an installer containing TruoApp while investigating untrustworthy websites. This piece of software is classed as a PUA (Potentially Unwanted Application), and as such – it may possess harmful capabilities. It is noteworthy that the installation setup promoting TruoApp t
We have inspected findflarex.com and learned that this is a fake search engine promoted via multiple browser extensions such as ONFIND and many others. This extension operates as a browser hijacker: it changes the settings of a browser to promote findflarex.com. Overall, neither findflarex.com nor