Our research team found the AgentSector app while reviewing new submissions to the VirusTotal website. Upon examination, we determined that this application is advertising-supported software (adware). AgentSector belongs to the AdLoad malware family. Adware aims to generate revenue for its devel
Brain Cipher is a ransomware-type virus. This malicious program is based on the LockBit ransomware. Malware within the ransomware classification is designed to encrypt data and demand payment for the decryption. On our testing system, Brain Cipher encrypted and renamed files. Original titles were
During our examination of find.nsrc-now.com, we noticed that it is an address that serves as part of a redirection chain. We also found that find.nsrc-now.com is associated with a fake extension. Thus, users who encounter redirects to and from find.nsrc-now.com should remove an unwanted extension
We discovered the FormatProtocol rogue application while reviewing new file submissions to the VirusTotal platform. After investigating this app, we determined that it is adware. FormatProtocol belongs to the AdLoad malware family. Adware stands for advertising-supported software. It typ
InnoSetup is a downloader-type malware. It masquerades as an installation setup and downloads a variety of malicious software when users interact with it. InnoSetup has been observed infiltrating stealer-type trojans, proxyware, and adware onto compromised systems. However, it could proliferate ot
During our inspection of the Norton Safe Search Enhanced browser extension, we found that it is a fake extension that has nothing to do with legitimate Norton products. This extension is promoted as a tool that provides maximum browsing protection. However, its true purpose is to promote dubious a
Our research team discovered an installer containing TroxApp promoted by a scam page, which was accessed via redirect generated by a Torrent website that utilizes rogue advertising networks. Upon inspection, we determined that TroxApp is a PUA (Potentially Unwanted Application). Apps within this
After inspecting the "Restore/Confirm Your Email Access" message, we determined that it is spam. This email falsely claims that the recipient cannot use their mail account until they restore access. The purpose of this spam campaign is to deceive recipients into disclosing their email log-in crede
After reviewing the page (points-monad[.]net), we have determined it to be a fraudulent website impersonating the real Monad platform (monad[.]xyz). The scammers operating this deceptive site intend to deceive individuals into actions that could result in financial loss. Therefore, points-monad[.]
We have examined this email and discovered that it is a phishing email targeting sensitive information. Scammers behind this scam email aim to trick recipients into believing they have received a notification from an email service provider and entering the requested details on a deceptive page.