After inspecting "Humanitarian Aid To Palestinians", we determined that it is a scam. It imitates the website of the Anera humanitarian organization (anera.org). This scheme lures users into exposing their digital wallets to a crypto drainer by presenting it as a donation effort for Palestinians
Our research team discovered an installer containing PubQuo promoted by a deceptive webpage, which was accessed via a redirect generated by a Torrenting website using rogue advertising networks. PubQuo is a PUA (Potentially Unwanted Application). Software within this classification typically has
Rafel (also known as Ratel) is an open-source Remote Access Trojan (RAT) that targets Android devices. This program enables remote control over infected machines. Rafel can manipulate devices, steal data, and operate as ransomware. This RAT is compatible with Android versions 5 through 12 and has
Our researchers discovered ExtendedGuide while investigating new submissions to the VirusTotal site. Upon inspection, we learned that this application is adware. ExtendedGuide is part of the AdLoad malware family. Advertising-supported software is designed to feed users with unwanted and malicio
CommonParameter is a rogue app that we found during a routine inspection of new file submissions to the VirusTotal website. After examining this piece of software, we determined that it is adware from the AdLoad malware family. CommonParameter is designed to run intrusive ad campaigns, and it ma
While browsing new file submissions to the VirusTotal platform, our research team discovered the AssistRadio app. Our examination revealed that it is advertising-supported software (adware) from the AdLoad malware family. AssistRadio is designed to generate revenue for its developers through adv
Our researchers found nonprilor[.]com while investigating suspicious websites. Upon examination, we determine that this rogue webpage promotes browser notification spam and redirects users to other (likely unreliable/hazardous) sites. Most visitors to nonprilor[.]com and similar pages happen upon
Our research team discovered the ConnectionTiming app while investigating new file submissions to the VirusTotal platform. After examining this application, we learned that it is advertising-supported software (adware). ConnectionTiming is part of the AdLoad malware family. This software is desi
VirtualPartition is a rogue application discovered by our researchers during a routine inspection of new file submissions to VirusTotal. Upon examining the software, we determined that it is adware from the AdLoad malware family. Advertising-supported software is designed to feed users with unde
Our research team discovered FortyFy through a deceptive webpage, which was reached via redirect caused by a Torrenting website that uses rogue advertising networks. This browser extension supposedly prevents access to potentially harmful sites. The installer promoting FortyFy contained a variety