While reviewing new malware submissions to VirusTotal, our researchers discovered the RSA-4096 ransomware. Malicious software within this classification is designed to encrypt data and demand payment for the decryption. RSA-4096 is part of the Xorist ransomware family. On our testing system, a sa
Upon closer inspection of the OriginQueue application, we have identified that this app displays advertisements to users. Apps with this purpose are classified as adware. It is worth noting that apps like OriginQueue can sometimes do more than display ads. Thus, users are advised to remove them
When examining malware samples submitted to VirusTotal, we discovered a new member of the Xorist family dubbed WoXoTo. WoXoTo is ransomware, a type of malware designed to encrypt files. Also, WoXoTo provides two ransom notes (creates the "HOW TO DECRYPT FILES.txt" file and displays a pop-up messag
After examining the Wharf.app application, we have determined its primary function is to deliver advertisements to users, categorizing it as adware (this particular app belongs to the Pirrit family). These types of applications are well-known for displaying deceptive ads and possibly gathering u
Upon scrutinizing the ExpandedSample application, we have concluded that its core purpose revolves around delivering various advertisements to users, classifying it as adware. Such applications are infamous for showcasing misleading ads and potentially collecting a range of user data. Thus, it i
AssistiveTool is a rogue app discovered by our research team during a routine inspection of new submissions to the VirusTotal platform. Upon examination, we determined that AssistiveTool is advertising-supported software (adware). This application is part of the AdLoad malware family. Ad
Our researchers discovered the Cute Foxes browser extension while investigating dubious websites. This piece of software promises to display images depicting foxes on users' browsers. However, after testing this extension – we determined that it is a browser hijacker. Cute Foxes makes changes to
Our research team discovered the SkilledAccess adware while checking out new submissions to the VirusTotal website. After analyzing this piece of software, we determined that it is adware from the AdLoad malware family. SkilledAccess operates by running intrusive advertisement campaigns.
While browsing suspicious sites, our researchers found a webpage promoting the "Threat Detected: xxbc Detected" technical support scam. Schemes of this kind claim that visitors' devices are infected or otherwise in danger and urge them to call bogus support lines. Once the scammers are contacted,
MINIBUS is a backdoor malware developed in C++, offering a range of capabilities such as extracting files, executing commands, communicating with cloud infrastructure, and more. Once activated, it grants cybercriminals unauthorized access to infected computers. MINIBUS acts as a backdoor,