Step-by-Step Malware Removal Instructions

DiscoveryUniverse Adware (Mac)
Mac Virus

While browsing file submissions to the VirusTotal platform, our researchers found the DiscoveryUniverse application. After investigating it, we determined that this app is advertising-supported software (adware). DiscoveryUniverse belongs to the AdLoad malware family. Adware is designed

Clarity Tab Browser Hijacker
Browser Hijacker

While investigating suspicious websites, our researchers discovered the Clarity Tab browser hijacker. This extension promises to provide new tab widgets (e.g., clock, weather, bookmarks, etc.) and browser wallpapers. However, it changes browser settings to promote (via redirects) a search engine.

Error_Code: GUI45WGV0001 POP-UP Scam
Phishing/Scam

While browsing suspicious websites, our research team discovered the "Error_Code: GUI45WGV0001" scam. Upon examination, we determined that it is a technical support scam. It warns users that their computers are infected and urges them to call support. It must be stressed that these claims are fal

GKICKG Ransomware
Ransomware

Our research team found GKICKG ransomware while browsing file submissions to the VirusTotal website. Ransomware operates by encrypting data and demanding ransoms for its decryption. On our test machine, this malicious program encrypted files and added ".{victim's_ID}.GKICKG" to their names. For e

MassJacker Malware
Trojan

MassJacker is a cryptojacking malware. The purpose of this malware is to steal cryptocurrency. It is likely distributed and utilized by multiple threat actors, suggesting that MassJacker may operate as a malware-as-a-service (MaaS). Users who suspect their computers may be infected should immediat

Squidoor Backdoor
Trojan

Squidoor is a backdoor-type malware that targets Windows and Linux OSes (Operating Systems). Programs within this classification open "backdoors" into targeted machines to prep them for further infection, and some can even download/install payload malware. Squidoor has been around since at least

Light-app.monster Ads
Notification Spam

During our inspection, we found that light-app[.]monster provides links leading to malicious downloads and requests permission to show notifications. This page should be avoided and not allowed to send notifications to avoid exposure to various online threats, including scams and malware.

Swaprotocol.xyz Ads
Notification Spam

In our analysis of swaprotocol[.]xyz, we discovered that this page uses clickbait to receive permission to show notifications. Once visited, the site displays deceptive content. Users should avoid visiting swaprotocol[.]xyz and never agree to receive notifications from such websites. Swapr

Zsszyy Ransomware
Ransomware

Zsszyy is ransomware our team discovered while inspecting malware samples submitted to VirusTotal. It is identical to other ransomware known as Tianrui, Hush, and MoneyIsTime. Zsszyy's purpose is to encrypt files. Also, it appends the victim's ID and the ".zsszyy" extension to files, and drops a r