SpiceRAT is a remote access Trojan (RAT) delivered by cybercriminals via email. RATs are malicious programs designed to provide cybercriminals with remote access and control over a victim's computer. Typically, threat actors employ RATs to inject additional payloads, steal sensitive information, o
We have inspected getsearchredirecting.com and found that it redirects users to at least two other addresses and is promoted via a fake extension. Neither getsearchredirecting.com nor the app promoting it is reliable. Users who encounter redirects from getsearchredirecting.com should remove the as
Our research team found the AgentSector app while reviewing new submissions to the VirusTotal website. Upon examination, we determined that this application is advertising-supported software (adware). AgentSector belongs to the AdLoad malware family. Adware aims to generate revenue for its devel
Brain Cipher is a ransomware-type virus. This malicious program is based on the LockBit ransomware. Malware within the ransomware classification is designed to encrypt data and demand payment for the decryption. On our testing system, Brain Cipher encrypted and renamed files. Original titles were
During our examination of find.nsrc-now.com, we noticed that it is an address that serves as part of a redirection chain. We also found that find.nsrc-now.com is associated with a fake extension. Thus, users who encounter redirects to and from find.nsrc-now.com should remove an unwanted extension
We discovered the FormatProtocol rogue application while reviewing new file submissions to the VirusTotal platform. After investigating this app, we determined that it is adware. FormatProtocol belongs to the AdLoad malware family. Adware stands for advertising-supported software. It typ
InnoSetup is a downloader-type malware. It masquerades as an installation setup and downloads a variety of malicious software when users interact with it. InnoSetup has been observed infiltrating stealer-type trojans, proxyware, and adware onto compromised systems. However, it could proliferate ot
During our inspection of the Norton Safe Search Enhanced browser extension, we found that it is a fake extension that has nothing to do with legitimate Norton products. This extension is promoted as a tool that provides maximum browsing protection. However, its true purpose is to promote dubious a
Our research team discovered an installer containing TroxApp promoted by a scam page, which was accessed via redirect generated by a Torrent website that utilizes rogue advertising networks. Upon inspection, we determined that TroxApp is a PUA (Potentially Unwanted Application). Apps within this
After inspecting the "Restore/Confirm Your Email Access" message, we determined that it is spam. This email falsely claims that the recipient cannot use their mail account until they restore access. The purpose of this spam campaign is to deceive recipients into disclosing their email log-in crede