Our researchers discovered the DefaultConfig application while inspecting new file submissions to the VirusTotal platform. Upon examination, we determined that this software is adware from the AdLoad malware family. DefaultConfig runs intrusive advert campaigns and may have other harmful abiliti
Upon examining the page, we found indications of deception. The site falsely claims the availability of the Creo Launchpad Beta, enticing users with promises of portfolio management, earning $CREO rewards, and participating in alpha testing. It is an attempt to lure unsuspecting individuals into a
Paraboobs[.]xyz is the address of a rogue page discovered by our researchers during a routine investigation of dubious websites. After inspecting this webpage, we learned that it promotes browser notification spam and redirects visitors to different (likely unreliable/dangerous) sites. Users prim
Upon investigation of qjrhacxxk[.]xyz, it became apparent that its objective is to deceive visitors into consenting to receive its notifications. The website employs a clickbait strategy, displaying misleading content to entice users. Furthermore, qjrhacxxk[.]xyz may redirect users to websites pos
While reviewing new submissions to VirusTotal, our researchers discovered the Genesis ransomware. This program is part of the MedusaLocker ransomware family. Malware within this classification encrypts files and demands payment for their decryption. On our test machine, Genesis (MedusaLocker) ran
Upon examination of the Repiningly.app application, it was discovered to be affiliated with the Pirrit family and designed specifically to exhibit intrusive advertisements. Moreover, this application may be able to access and collect various forms of data. Applications like Repiningly.app are ca
During our inspection of samples submitted to VirusTotal, we discovered a ransomware variant dubbed DoNex. This ransomware is created to encrypt data, provide a ransom note ("Readme.[victim's_ID].txt") and append its extension (victim's ID) to filenames of all encrypted files. An example of how D
After assessing the TaskNames app, it is apparent that it displays intrusive advertisements that may lead users to unreliable websites. Such behavior categorizes it as adware. It should be mentioned that software of this type is also known for gathering user data. It is recommended to avoid inst
Upon evaluating the SyncedWindow app, it became evident that it showcases intrusive advertisements, potentially directing users to untrustworthy websites. Applications demonstrating such behavior are classified as adware. Frequently, apps similar to SyncedWindow not only present ads but also col
RankingNetworks is a rogue app discovered by our researchers while inspecting file submissions to the VirusTotal website. After analyzing this application, we learned that it is adware from the AdLoad malware family. RankingNetworks generates revenue for its developers through advertising.