During our assessment of the ResolutionRanking application, we discovered that it displays intrusive advertisements, leading us to classify it as adware. It is worth noting that software in this category often possesses the ability to gather diverse forms of information. The types of ads
Greenbean is the name of a banking trojan. It is designed to infect Android operating systems. This malicious program has been around since at least 2023. As its classification implies, this trojan seeks banking and other finance-related information. There is evidence suggesting that Greenbean tar
GoBear is a backdoor malware crafted in the Go language and authenticated with a legitimate D2innovation Co.,LTD certificate. This insidious threat operates by executing malicious commands received from a Command and Control (C&C) server. Notably, GoBear enhances its capabilities by integratin
Written in Go language, Troll is a piece of malware that specializes in stealing sensitive information from infected computers. This malware operates through a multi-faceted approach, initially infiltrating systems via a deceptively innocent facade - a dropper masquerading as a benign security pro
"Win32/OfferCore" (or simply "OfferCore") is a generic detection name used by many security vendors to track bundled setups. Basically, bundlers refer to installers containing several pieces of software. Bundled setups may comprise a single legitimate program with untrustworthy additions or only u
Our analysis of the Press-Tab browser extension showed that it promotes press-tab.com by modifying the browser settings, a tactic known as browser hijacking. It is crucial to note that users often unintentionally add extensions like Press-Tab to their browsers. Pretty often, browser hijackers are
Win32/Grenam is the detection name employed by cybersecurity software to pinpoint a hybrid form of malware blending trojan, worm, and virus characteristics. It is important to note that even after successfully detecting and eliminating this specific threat, conducting a comprehensive scan may unco
Upon inspecting the HyperTextCompile application, we found it to possess characteristics typical of ad-supported software. After installation, users may encounter intrusive advertisements designed to promote unreliable websites. Therefore, it is advisable to refrain from installing HyperTextComp
Our research team found the ZenFocusZone browser extension while reviewing suspicious websites. This piece of software alters browser settings in order to promote (through redirects) the zenfocuszone.com fake search engine. Due to this behavior, ZenFocusZone is categorized as a browser hijacker.
After inspecting this Balancer website, we determined that it is fake. It imitates the official platform's site, both its graphics and domain. Once a user tries to interact with the imitator webpage, they are immediately requested to connect their digital wallet – and by doing so, they will inadve