While analyzing malware samples submitted to VirusTotal, we identified Wisz as ransomware linked to the Djvu family. Wisz ransomware encrypts files on the victim's system, appending the ".wisz" extension to their filenames. Additionally, it generates a "_README.txt" file containing a ransom note.
Our researchers discovered the AnalogInterface app while inspecting new file submissions to the VirusTotal platform. After examining this software, we determined that it is adware. AnalogInterface is part of the AdLoad malware family. It is designed to run intrusive ad campaigns and may have oth
After examining the CommonRemote application more closely, we have determined that it exhibits advertisements to users, categorizing it as adware. It is important to recognize that applications like CommonRemote may extend beyond simply displaying ads, potentially engaging in additional unwanted
This "Webmail Verification" email is spam. It is a phishing letter that targets Spanish-speaking users. It claims that the recipient's email account has been blocked due to suspicious sign-in attempts. By attempting to remove the suspension, the user is deceived into disclosing their email log-in
Discovered by Kaushík Pał, Avira9 is a ransomware-type program designed to encrypt data and demand payment for decryption. It must be emphasized that this malware is not associated with the Avira anti-virus or its developers. After we executed a sample of Avira9 on our testing system, the ransomw
After inspecting the "Webmail - Low Storage Space" email, we determined that it is spam. This phishing letter targets email account log-in credentials by making false claims regarding low mailbox storage. The scam email with the subject "Mailbox Alert: Your mailbox is full" (may vary) info
After reviewing the "Work For Charity" email, we determined that it is spam. This letter requests the recipient to distribute the sender's funds to charity. For their efforts, the recipient is promised 40% of the nine million pounds. Typically, scam mail of this kind targets personally identifiabl
TimbreStealer is a piece of malicious software designed to steal information. It was first observed being proliferated through email spam campaigns in the autumn of 2023 and is still in active distribution as of February 2024. This malware was noted being used to target users in Mexico exclusively
BrowserProgress is an adware-type application discovered by our researchers during a routine investigation of new file submissions to the VirusTotal website. This app is part of the AdLoad malware family. Advertising-supported software (adware) is designed to generate revenue for its developers
While reviewing suspicious sites, our research team discovered the Author Pics Default Search browser extension. This piece of rogue software modifies browser settings to endorse (via redirects) the author.pics fake search engine. It also spies on users' browsing activity. Due to this behavior, Au