AridSpy is a piece of malware (a trojan) targeting Android users. Cybercriminals deliver AridSpy via trojanized applications that contain a malicious code. This malware is used to steal various information from the infected Android devices. AridSpy should be eliminated from infected devices as soo
Our research team discovered the MachineAnalyzer application while reviewing new file submissions to the VirusTotal website. After analyzing this piece of software, we learned that it is adware. MachineAnalyzer is part of the AdLoad malware family. This app runs intrusive advert campaigns, and i
PubSurf is a Potentially Unwanted Application (PUA). Software within this classification typically possesses harmful capabilities, such as collecting information, generating redirects, displaying ads, etc. Additionally, PUAs often arrive onto systems in bundled installers (i.e., packed with other
During our inspection of Proboscideous.app, we discovered that it is designed to bombard users with annoying advertisements. Thus, we classified Proboscideous.app as adware. Additionally, we found that Proboscideous.app belongs to the Pirrit family. Overall, users should avoid installing Probosc
Our researchers found Jinwooks ransomware while browsing new malware submissions to VirusTotal. This program is based on the Chaos ransomware. On our test machine, Jinwooks ransomware encrypted files and added a ".jinwooksjinwooks" extension. To elaborate, a file initially named "1.jpg" became "1
Our researchers found the GhostHacker ransomware during a routine inspection of new file submissions to the VirusTotal site. Malware of this type is designed to encrypt files and demand payment for its decryption. We acquired a sample of GhostHacker and executed it on our testing system. This ran
AzzaSec is ransomware that we discovered during our analysis of samples uploaded to the VirusTotal platform. Once a computer is infected, AzzaSec encrypts files and appends the ".AzzaSec" extension to filenames. Additionally, this ransomware changes the desktop wallpaper and provides a ransom note
Iadispatcher.com is the address of a fake search engine that cannot provide search results. Websites of this kind are typically promoted (via redirects) by browser hijackers. Our research team discovered iadispatcher.com while investigating a rogue installer that, upon installation, generated redi
While browsing dubious websites, our research team discovered phoaksux[.]com. This rogue webpage promotes browser notification spam and generates redirects to different (likely unreliable/hazardous) sites. Pages like phoaksux[.]com are most often accessed via redirects caused by websites that uti
While inspecting malware samples submitted to VirusTotal, we discovered Cebrc ransomware, which is based on Chaos. Cebrc encrypts files, appends the ".cebrc", extension to filenames, and provides a ransom note ("read_it.txt"). An example of how files encrypted by Cebrc are renamed: "1.jpg" is chan