TimbreStealer is a piece of malicious software designed to steal information. It was first observed being proliferated through email spam campaigns in the autumn of 2023 and is still in active distribution as of February 2024. This malware was noted being used to target users in Mexico exclusively
BrowserProgress is an adware-type application discovered by our researchers during a routine investigation of new file submissions to the VirusTotal website. This app is part of the AdLoad malware family. Advertising-supported software (adware) is designed to generate revenue for its developers
While reviewing suspicious sites, our research team discovered the Author Pics Default Search browser extension. This piece of rogue software modifies browser settings to endorse (via redirects) the author.pics fake search engine. It also spies on users' browsing activity. Due to this behavior, Au
Upon scrutinizing the email, our analysis revealed that it constitutes a deceptive message crafted by scammers. The primary objective of this email is to deceive recipients into divulging personal information. Such emails are commonly referred to as phishing emails, as they aim to lure unsuspectin
Browse Next is promoted as a straightforward and user-friendly extension designed to aid users in understanding common online errors. Nevertheless, our investigation uncovered that Browse Next exhibits characteristics of adware. Once added, it initiates the unwanted and bothersome display of adver
While reviewing new malware submissions to VirusTotal, our researchers discovered the RSA-4096 ransomware. Malicious software within this classification is designed to encrypt data and demand payment for the decryption. RSA-4096 is part of the Xorist ransomware family. On our testing system, a sa
Upon closer inspection of the OriginQueue application, we have identified that this app displays advertisements to users. Apps with this purpose are classified as adware. It is worth noting that apps like OriginQueue can sometimes do more than display ads. Thus, users are advised to remove them
When examining malware samples submitted to VirusTotal, we discovered a new member of the Xorist family dubbed WoXoTo. WoXoTo is ransomware, a type of malware designed to encrypt files. Also, WoXoTo provides two ransom notes (creates the "HOW TO DECRYPT FILES.txt" file and displays a pop-up messag
After examining the Wharf.app application, we have determined its primary function is to deliver advertisements to users, categorizing it as adware (this particular app belongs to the Pirrit family). These types of applications are well-known for displaying deceptive ads and possibly gathering u
Upon scrutinizing the ExpandedSample application, we have concluded that its core purpose revolves around delivering various advertisements to users, classifying it as adware. Such applications are infamous for showcasing misleading ads and potentially collecting a range of user data. Thus, it i