Our researchers discovered 2000USD ransomware during a routine inspection of new submissions to the VirusTotal website. Malicious software within this category is designed to encrypt data and demand payment for its decryption. After we launched a sample of 2000USD on our test machine, it encrypte
Based on our examination, PromoteMemory operates as adware, displaying intrusive advertisements and potentially possessing additional functionalities. Such applications are typically distributed through deceptive tactics to trick users into installing them. It is advisable to remove adware like
ROD (Rodmacer) is an information stealer designed to extract data from compromised macOS systems. Once the information is gathered, it can be transmitted to remote servers controlled by cybercriminals, who may use it for various malicious purposes. Victims should remove the ROD stealer from comp
Our examination of the page (galaxyfoxclaim.pages[.]dev) has shown that it is a fraudulent website mimicking the Galaxy Fox platform (galaxyfox[.]io). Scammers behind this fake web page aim to trick unsuspecting individuals into taking actions that would cause them financial losses. Thus, this sit
Upon inspection of a browser extension called "A cool tab", we determined that it is a browser hijacker. The extension modifies browser settings to generate redirects that land on the search.mycooltab.com fake search engine. Typically, browser-hijacking software makes changes to browsers'
This fake "Department Of Treasury - Compensation Funds" email promises recipients eight million dollars and a new car in compensation. The purpose of this spam mail is to collect personally identifiable information. However, the scammers behind this phishing campaign might also seek to deceive rec
Csharp-Streamer is a RAT (Remote Access Trojan) that has been around since at least 2020. There are multiple versions of this malware, and evidence suggests that Csharp-Streamer is modular. RATs enable remote access and control over infected devices. Csharp-Streamer has been utilized in numerous
Our researchers found DeviceControl while browsing new file submissions to the VirusTotal site. Upon inspection, we learned that this application is adware from the AdLoad malware family. DeviceControl operates by running intrusive advertisement campaigns. Adware is designed to generate
Our researchers discovered the BasicDisplay adware while browsing file submissions to the VirusTotal website. After examining this application, we determined that it is part of the AdLoad malware family. Advertising-supported software (adware) is designed to generate revenue for its developers t
DataDestroyer is ransomware that our team discovered while examining malware samples submitted to VirusTotal. This ransomware is based on Chaos. Upon infiltration, it encrypts files and appends the ".destroyer" extension to filenames. Also, DataDestroyer creates a ransom note ("note.txt" file). A