While browsing new submissions to the VirusTotal platform, our research team discovered the BinaryCharacterSearch adware. It is part of the AdLoad malware family. Advertising-supported software is designed to generate revenue for its developers through advertising. Typically, adware oper
After inspecting this "Kamer Van Koophandel (KVK)" email, we determined that it is fake. This spam letter claims that the recipient's information with the Kamer van Koophandel (KVK) – the Chamber of Commerce in the Netherlands – is outdated. This phishing campaign aims to trick victims into disclo
While examining suddslife[.]com, we found that the site aims to trick unsuspecting visitors into agreeing to receive its notifications. To do this, suddslife[.]com employs a tactic known as clickbait. It is important to note that visitors rarely open such pages intentionally. Suddslife[.]c
BlankBot is an Android-specific trojan. It has RAT (Remote Access Trojan) and data-stealer capabilities. BlankBot is a versatile tool that can extract various information from infected devices. Evidence suggests that this trojan mainly targets Turkish users; however, different variants could be ge
While inspecting suliazulitess[.]com, we discovered that the purpose of this site is to lure unsuspecting visitors into allowing it to show notifications. To achieve this, suliazulitess[.]com uses a clickbait technique. It is worth mentioning that it is very uncommon for such pages to be opened by
While browsing new submissions to the VirusTotal website, our researchers discovered Zola ransomware. It is part of the Proton ransomware family. Zola operates by encrypting files and demanding payment for the decryption. On our testing system, this ransomware encrypted files and modified their n
Our analysis of snadsspace[.]com has shown that it is a deceptive website designed to display misleading content. Snadsspace[.]com is created to trick users into allowing it to show notifications through a clickbait technique. This and similar web pages should not be trusted. Snadsspace[.]
Stringent.app is a rogue application discovered by our researchers during a routine review of file submissions to the VirusTotal website. Upon examination, we learned that Stringent.app is adware belonging to the Pirrit malware family. Advertising-supported software runs intrusive ad campaigns a
SharpRhino is a remote access trojan (RAT) written in C# programming language. Upon execution, SharpRhino sets up persistence and grants the attacker remote access to the device. It gains elevated permissions to ensure the attacker can continue their activities with minimal interference. R
Our research team found Dem.app while investigating new file submissions to the VirusTotal website. After inspecting this application, we determined that it is advertising-supported software (adware). Dem.app belongs to the Pirrit malware family. Adware runs intrusive advertisement campa