PubSurf is a Potentially Unwanted Application (PUA). Software within this classification typically possesses harmful capabilities, such as collecting information, generating redirects, displaying ads, etc. Additionally, PUAs often arrive onto systems in bundled installers (i.e., packed with other
During our inspection of Proboscideous.app, we discovered that it is designed to bombard users with annoying advertisements. Thus, we classified Proboscideous.app as adware. Additionally, we found that Proboscideous.app belongs to the Pirrit family. Overall, users should avoid installing Probosc
Our researchers found Jinwooks ransomware while browsing new malware submissions to VirusTotal. This program is based on the Chaos ransomware. On our test machine, Jinwooks ransomware encrypted files and added a ".jinwooksjinwooks" extension. To elaborate, a file initially named "1.jpg" became "1
Our researchers found the GhostHacker ransomware during a routine inspection of new file submissions to the VirusTotal site. Malware of this type is designed to encrypt files and demand payment for its decryption. We acquired a sample of GhostHacker and executed it on our testing system. This ran
AzzaSec is ransomware that we discovered during our analysis of samples uploaded to the VirusTotal platform. Once a computer is infected, AzzaSec encrypts files and appends the ".AzzaSec" extension to filenames. Additionally, this ransomware changes the desktop wallpaper and provides a ransom note
Iadispatcher.com is the address of a fake search engine that cannot provide search results. Websites of this kind are typically promoted (via redirects) by browser hijackers. Our research team discovered iadispatcher.com while investigating a rogue installer that, upon installation, generated redi
While browsing dubious websites, our research team discovered phoaksux[.]com. This rogue webpage promotes browser notification spam and generates redirects to different (likely unreliable/hazardous) sites. Pages like phoaksux[.]com are most often accessed via redirects caused by websites that uti
While inspecting malware samples submitted to VirusTotal, we discovered Cebrc ransomware, which is based on Chaos. Cebrc encrypts files, appends the ".cebrc", extension to filenames, and provides a ransom note ("read_it.txt"). An example of how files encrypted by Cebrc are renamed: "1.jpg" is chan
Our researchers discovered the dominness.co[.]in rogue site while inspecting suspicious websites. After examining this webpage, we determined that it pushes browser notification spam and redirects visitors to other (likely dubious/malicious) websites. Dominness.co[.]in and pages similar to it are
While inspecting new malware submissions to the VirusTotal platform, our research team discovered the Rapax ransomware. This malware encrypts data and demands payment for the decryption. We investigated Rapax by executing a sample of this ransomware on our test machine. The program encrypted file