In the course of our inspection of malware samples on VirusTotal, we came across the finding that ZENEX is ransomware belonging to the Proton family. ZENEX is designed to encrypt files, modify filenames of encrypted files, provide a ransom note ("#Zenex-Help.txt"), and change the desktop wallpaper
Yoursmartsecurityguards[.]club is a rogue webpage discovered by our researchers during a routine inspection of unreliable websites. This page promotes deceptive content and spam browser notifications. It can also redirect users to other (likely dubious/dangerous) sites. Visitors to yoursmartsecur
While inspecting new submissions to the VirusTotal platform, our research team discovered an application called Skat.app. Upon inspection, we determined that it is adware belonging to the Pirrit malware family. Skat.app is designed to generate revenue for its developers by feeding users with und
Upon closer inspection of the PlatformIndex application, we identified that it is an advertising-supported app that bombards users with annoying and intrusive advertisements. Additionally, the app might be designed to gather various information that its developers could misuse for malicious purp
While checking out new file submissions to the VirusTotal website, our research team found the SYSDF ransomware. This program is part of the Dharma ransomware family. SYSDF is designed to encrypt data and demand payment for its decryption. On our testing system, this ransomware encrypted files an
DarkMe is identified as a remote access Trojan (RAT), a type of malware designed to provide cybercriminals with unauthorized access to infected systems. RATs are notorious for their stealthy operations, allowing attackers to monitor user activity, steal sensitive information, and execute malicious
While examining malware samples on VirusTotal, we discovered a member of the Phobos ransomware family dubbed Water. Like most ransomware variants, Water encrypts and renames files and provides a ransom note. Water's ransom notes are provided in "info.hta" and "info.txt" files. While renaming file
During our examination, it was noted that Catbird.app exhibits intrusive advertising to its users. As a result, we have categorized Catbird.app as adware. In addition to displaying advertisements, this application may gather specific user data. Furthermore, our investigation revealed that Catbir
Lkfr is a ransomware variant linked to the Djvu family. Lkfr operates by encrypting files and altering their filenames by adding its extension (".lkfr"). As an illustration, it transforms "1.jpg" into "1.jpg.lkfr", "2.png" into "2.png.lkfr", and so forth. Along with encrypting your files, Lkfr dr
We found the ExploreDesktop application during a routine inspection of new submissions to the VirusTotal platform. ExploreDesktop is adware from the AdLoad malware family. This app is designed to generate revenue for its developers by feeding users with unwanted and potentially dangerous adverti