Our research team discovered MetroBrowser while reviewing new file submissions to the VirusTotal site. Upon examination, we determined that this application is advertising-supported software (adware) belonging to the AdLoad malware family. MetroBrowser runs intrusive advertisement campaigns, and
While investigating file submissions to the VirusTotal platform, our researchers discovered the Crocodile Smile ransomware. This malicious program operates by encrypting data and demanding ransoms for the decryption. After we executed a sample of Crocodile Smile on our test machine, it began encr
Following our inspection, it is clear that this email is a phishing scam posing as a notification from the Reserve Bank of Australia. Crafted by scammers, the deceptive email aims to lure unsuspecting recipients into disclosing sensitive personal information. Recipients should exercise caution to
During our analysis of malware samples submitted to VirusTotal, we encountered L00KUPRU, a ransomware variant belonging to the Xorist family. This ransomware encrypts files, triggers a pop-up window, and generates a "HOW TO DECRYPT FILES.txt" file, both of which contain a ransom note. Also, L00KU
Upon thorough analysis, it has been determined that IndexerTask is a deceitful application designed to flood users with intrusive advertisements. As a result, IndexerTask has been categorized as adware. Users commonly unknowingly download and install such software, unaware of its tendency to sho
After careful examination, it has been established that DynamicPositive is an untrustworthy application crafted to inundate users with intrusive advertisements. Consequently, DynamicPositive has been categorized as adware. Typically, users inadvertently download and install such software, unawar
We discovered idesmasp[.]com while investigating suspicious sites. This rogue page promotes browser notification spam and can redirect users to different (likely unreliable/hazardous) websites. Most visitors to webpages similar to idesmasp[.]com access them through redirects caused by sites using
We discovered SyncProcess adware while browsing new submissions to the VirusTotal platform. This application belongs to the AdLoad malware family. SyncProcess is designed to generate through advertising. Adware typically operates by placing third-party graphical content (e.g., overlays,
Moltenmoldmaster[.]com is a rogue webpage found by our researchers during a routine inspection of untrustworthy sites. Our examination revealed that this page endorses spam browser notifications and redirects to other (likely dubious/dangerous) websites. Most users access webpages like moltenmold
Charity is a ransomware-type program. Typically, malware within this classification encrypts files and demands ransoms for the decryption. However, the Charity malicious program did not encrypt data at the time of research. Instead, Charity displayed a fullscreen message containing a standard ran