During our inspection of samples submitted to VirusTotal, we discovered a ransomware variant dubbed DoNex. This ransomware is created to encrypt data, provide a ransom note ("Readme.[victim's_ID].txt") and append its extension (victim's ID) to filenames of all encrypted files. An example of how D
After assessing the TaskNames app, it is apparent that it displays intrusive advertisements that may lead users to unreliable websites. Such behavior categorizes it as adware. It should be mentioned that software of this type is also known for gathering user data. It is recommended to avoid inst
Upon evaluating the SyncedWindow app, it became evident that it showcases intrusive advertisements, potentially directing users to untrustworthy websites. Applications demonstrating such behavior are classified as adware. Frequently, apps similar to SyncedWindow not only present ads but also col
RankingNetworks is a rogue app discovered by our researchers while inspecting file submissions to the VirusTotal website. After analyzing this application, we learned that it is adware from the AdLoad malware family. RankingNetworks generates revenue for its developers through advertising.
Our research team discovered the Military Pride Extension while investigating suspect websites. This piece of software promises to display military-themed browser wallpapers. Upon inspection, we determined that Military Pride Extension is a browser hijacker. It modifies browser settings to genera
Our researchers found the FindWebResults application during a routine inspection of new file submissions to the VirusTotal platform. We determined that this app is advertising-supported software (adware) that belongs to the AdLoad malware family. FindWebResults operates by delivering intrusive
After reviewing the "American Express - Disputed Payment Received" email, we determined that it is fake. This letter is disguised as a notification from American Express regarding a disputed payment. It must be emphasized that this mail is fraudulent and not associated with the actual American Ex
In the course of our inspection of the Stocks Manager application, we came across the finding that this browser extension changes the settings of a browser by modifying its settings to promote a shady search engine. Apps like Stocks Manager are classified as browser hijackers and should not be tru
While investigating deceptive sites, our research team discovered the Searchify PUA (Potentially Unwanted Application). The name of this rogue software is borrowed from a legitimate online tool that allows developers to add a search function to websites and apps. However, it must be stressed that
CHAVECLOAK is a malicious banking Trojan targeting users in Brazil. This Trojan is crafted with the intention of stealing sensitive financial information, such as banking credentials and personal data, from Brazilian users. It typically spreads through phishing emails containing a malicious PDF fi