Ma1x0 is ransomware that we discovered while inspecting malware samples submitted to VirusTotal. The key findings about Ma1x0 are that it belongs to the Mallox family, appends the ".ma1x0" extension to filenames, and provides a ransom note ("HOW TO RESTORE FILES.txt"). An illustration of how Ma1x
During our examination, we discovered that AppInfo is an unreliable application crafted to inundate users with bothersome advertisements, potentially leading to visits to untrustworthy websites. Consequently, we have classified AppInfo as advertising-supported software (adware). Users should avo
When examining the Dictionary Ext app (browser extension), it was noted that it functions as a browser hijacker. It means that Dictionary Ext forces users to visit a specific page by changing the settings of the affected/hijacked browser. Additionally, Dictionary Ext may collect browsing-related a
During our assessment, we discovered that AresSearch is a dubious application crafted to exhibit unwanted advertisements. Consequently, we have categorized AresSearch as adware. Users are encouraged to refrain from installing these applications and to remove them from any affected computers or w
GlobalLetterSearch is an adware-type application from the AdLoad malware family. The app generates revenue for its developers by feeding users unwanted and potentially malicious ads. Our research team discovered GlobalLetterSearch while investigating new submissions to the VirusTotal platform.
While browsing untrustworthy websites, our researchers discovered Horoscope Ext. This browser extension promises quick access to horoscopes and other astrology-related topics. On our test machine, Horoscope Ext altered browser settings and generated redirects. Due to this behavior, we determined t
During a routine inspection of new file submissions to the VirusTotal site, our researchers discovered the InitialClick app. Upon examination, we learned that this piece of software is adware belonging to the AdLoad malware family. InitialClick operates by delivering intrusive advertisement camp
Spock is the name of an information-stealing malware. This malicious program can extract sensitive data from devices and exfiltrate files. If the Spock stealer has been detected on a system, immediate removal is crucial. After infecting a machine, the Spock stealer begins collecting releva
VietCredCare, an information-stealing tool previously unidentified, has been circulating since at least August 2022. This software, distributed through a stealer-as-a-service model, is believed to be managed by individuals proficient in Vietnamese. Typically, malware of this type is utilized for h
Xehook is a stealer written in the C# programming language. It is an incredibly lightweight program, ranging between 140-160 KB in size. This data-stealing malware was unveiled in late January 2024, which closely coincides with a public share of the code for restoring dead cookies on the Google Ch