AssistiveTool is a rogue app discovered by our research team during a routine inspection of new submissions to the VirusTotal platform. Upon examination, we determined that AssistiveTool is advertising-supported software (adware). This application is part of the AdLoad malware family. Ad
Our researchers discovered the Cute Foxes browser extension while investigating dubious websites. This piece of software promises to display images depicting foxes on users' browsers. However, after testing this extension – we determined that it is a browser hijacker. Cute Foxes makes changes to
Our research team discovered the SkilledAccess adware while checking out new submissions to the VirusTotal website. After analyzing this piece of software, we determined that it is adware from the AdLoad malware family. SkilledAccess operates by running intrusive advertisement campaigns.
While browsing suspicious sites, our researchers found a webpage promoting the "Threat Detected: xxbc Detected" technical support scam. Schemes of this kind claim that visitors' devices are infected or otherwise in danger and urge them to call bogus support lines. Once the scammers are contacted,
MINIBUS is a backdoor malware developed in C++, offering a range of capabilities such as extracting files, executing commands, communicating with cloud infrastructure, and more. Once activated, it grants cybercriminals unauthorized access to infected computers. MINIBUS acts as a backdoor,
MINIBIKE is a sophisticated backdoor malware crafted in C++, featuring a suite of functionalities such as file exfiltration, command execution, and communication with cloud infrastructure. Upon infiltration, it grants cybercriminals unauthorized access to compromised computers. MINIBIKE's
Ysearcher.com is the address of a fake search engine. These pages typically cannot provide search results and redirect to legitimate Internet search websites. Fraudulent search engines are usually promoted (via redirects) by browser hijackers. Software within this classification tends to alter br
In our evaluation of the email, it has become evident that it is authored by scammers with the intention of deceiving recipients into divulging sensitive information. Disguised as a notification from OneDrive, the email includes a link to a fraudulent webpage. Such emails are commonly referred to
LockBit 4.0 is a new variant of the LockBit ransomware. This version was released in February 2024, the same month law enforcement agencies arrested two LockBit operators. Five days following the breach, the threat actors released a statement regarding restructuring and intentions to continue oper
In the course of our inspection of malware samples on VirusTotal, we came across a ransomware variant dubbed Frea. As a rule, malware of this type encrypts files and demands payment for decryption. In addition to encrypting files, Frea appends its extension to filenames (".frea"), provides a ranso