Our research team discovered Identification.app during a routine investigation of new file submissions to the VirusTotal site. Upon inspection, we determined that this application is advertising-supported software (adware). This app is part of the Pirrit adware family. Adware is designed
Thegravehthh[.]info is the address of a rogue webpage that promotes dubious content and browser notification spam. It can also redirect users to other (likely unreliable/malicious) websites. Most visitors to pages like thegravehthh[.]info access them through redirects generated by sites using rog
While investigating dubious websites, our researchers discovered the ernenskohyptoke[.]com rogue page. It is designed to promote browser notification spam and redirect users to different (likely unreliable/dangerous). Most visitors to ernenskohyptoke[.]com and pages akin to it access them via red
GREEDYFATHER is the name of a ransomware-type program. Malware within this category encrypts data and demands ransoms for its decryption. On our testing system, this ransomware encrypted files and added the ".GREEDYFATHER" extension to their filenames. For example, an original title such as "1.jp
Waste.app is a piece of rogue software discovered by our research team during a routine inspection of new file submissions to the VirusTotal site. Our analysis revealed that Waste.app is advertising-supported software from the Pirrit adware family. This application is designed to deliver intrusi
After a thorough examination, we have determined that deepconnection.co[.]in is a deceptive website employing clickbait tactics to deceive visitors into granting permission for notifications. Typically, users stumble upon websites like deepconnection.co[.]in unintentionally. Upon accessing
While reviewing submissions to the VirusTotal online platform, our researchers discovered the Repressionist.app adware. This application is part of the Pirrit adware family. Repressionist.app operates by feeding users with undesirable and potentially dangerous advertisements. Adware stan
After a thorough examination, it has been determined that Turtle is ransomware designed to target three distinct operating systems: Windows, Linux, and macOS. The main purpose of Turtle is to encrypt files. Additionally, it appends the ".TURTLERANSv0" extension to filenames. For instance, it renam
Upon inspection, we determined that "LEDGER SECURITY" is spam. This fake email states that a security vulnerability has been discovered on the recipient's Ledger hardware cryptocurrency wallet. This spam mail promotes a phishing website that targets wallet log-in credentials. The "LEDGER S
After a comprehensive examination, it has been revealed that PakicetusAttocki is an unreliable application distributed via a malicious installer. Once added, PakicetusAttocki activates the "Managed by your organization" feature (in Chrome or Edge browser). Also, this app can manage extensions and