ExtendedModule is a rogue application we discovered while reviewing new file submissions to the VirusTotal site. After checking out this software, we determined that it is adware belonging to the AdLoad malware family. ExtendedModule is designed to feed users with unwanted and potentially malici
While browsing new submissions to VirusTotal, our researchers discovered the MatrixObsession app. Upon inspection, we determined that it is advertising-supported software (adware) from the AdLoad malware family. MatrixObsession operates by running intrusive ad campaigns, and it may possess other
While investigating dubious websites, our researchers found the nettiinc[.]com rogue page. After inspecting it, we learned that it endorses browser notification spam and redirects users to other (likely untrustworthy/dangerous) sites. Visitors mainly enter nettiinc[.]com and pages akin to it via
LocalAdmin is a rogue app discovered by our researchers during a routine inspection of new submissions to the VirusTotal website. After analyzing a piece of software, we determined that it is adware from the AdLoad malware family. Advertising-supported software generates revenue for its develope
During a routine review of new submissions to the VirusTotal website, our research team discovered GlobalAppSearch. This application runs intrusive advertisement campaigns and may have other harmful capabilities. Due to said behavior, GlobalAppSearch is classed as adware. The app is part of the
After examination, it has been found that news-guwuhu[.]com utilizes clickbait, a deceptive tactic, to trick visitors into allowing notifications. Furthermore, news-guwuhu[.]com can redirect users to similar web pages. Consequently, this and related websites should not be trusted and should be clo
After we read the "Overseas Partner" email, it became evident that this is spam. The sender seeks an "overseas partner" to transfer over eleven million USD to their bank account, 35% of which the recipient can keep. This scam email likely aims to deceive users into disclosing highly sensitive info
Our researchers discovered the frecrec.co[.]in rogue webpage while browsing dubious sites. It endorses browser notification spam and redirects users to different (likely untrustworthy/dangerous) websites. Frecrec.co[.]in and similar pages are primarily entered through redirects generated by sites
Following our examination of the CastoroidesOhioensis application, we have determined it to be a malicious extension distributed via untrustworthy sites. This extension has the ability to trigger the "Managed by your organization" feature, gain access to and manipulate diverse data, and oversee ot
Upon reviewing the email, we have determined that it is a deceptive communication masquerading as a request for quotation. The cybercriminals responsible for this email seek to deceive recipients into unwittingly activating the Agent Tesla malware through the attached document. Consequently, recip