While checking out new file submissions to the VirusTotal website, our research team found the SYSDF ransomware. This program is part of the Dharma ransomware family. SYSDF is designed to encrypt data and demand payment for its decryption. On our testing system, this ransomware encrypted files an
DarkMe is identified as a remote access Trojan (RAT), a type of malware designed to provide cybercriminals with unauthorized access to infected systems. RATs are notorious for their stealthy operations, allowing attackers to monitor user activity, steal sensitive information, and execute malicious
While examining malware samples on VirusTotal, we discovered a member of the Phobos ransomware family dubbed Water. Like most ransomware variants, Water encrypts and renames files and provides a ransom note. Water's ransom notes are provided in "info.hta" and "info.txt" files. While renaming file
During our examination, it was noted that Catbird.app exhibits intrusive advertising to its users. As a result, we have categorized Catbird.app as adware. In addition to displaying advertisements, this application may gather specific user data. Furthermore, our investigation revealed that Catbir
Lkfr is a ransomware variant linked to the Djvu family. Lkfr operates by encrypting files and altering their filenames by adding its extension (".lkfr"). As an illustration, it transforms "1.jpg" into "1.jpg.lkfr", "2.png" into "2.png.lkfr", and so forth. Along with encrypting your files, Lkfr dr
We found the ExploreDesktop application during a routine inspection of new submissions to the VirusTotal platform. ExploreDesktop is adware from the AdLoad malware family. This app is designed to generate revenue for its developers by feeding users with unwanted and potentially dangerous adverti
While investigating unreliable websites, our research team discovered the update-macos[.]com rogue page. After reviewing it, we determined that this webpage promotes browser notification spam and redirects users to other (likely deceptive/malicious) sites. Most visitors to update-macos[.]com and
While reviewing new submissions to the VirusTotal platform, our researchers discovered the ParameterBuffer adware. This application is part of the AdLoad malware family. ParameterBuffer operates by running intrusive advertisement campaigns. Adware stands for advertising-supported softwar
Our research team discovered the Minimalist Search browser extension while browsing deceptive websites. After installing this piece of software on our testing system, we learned that it changes browser settings to promote (via redirects) the minimalistsearch.com fake search engine. Due to this beh
Our research team discovered the SimpleCache app while investigating submissions to the VirusTotal website. After analyzing this piece of software, we learned that it is adware from the AdLoad malware family. SimpleCache runs intrusive ad campaigns and may have additional harmful capabilities.