VisionCoordinator is a rogue application discovered by our research team during a routine investigation of new file submissions to the VirusTotal platform. Upon examination, we determined that it is adware from the AdLoad malware family. VisionCoordinator delivers intrusive advertisement campaig
During a routine investigation of dubious websites, our research team discovered the networkpcigniter[.]com page. Upon inspection, we determined that this rogue webpage promotes deceptive content and browser notification spam. Additionally, it can redirect users to other (likely untrustworthy/harm
Our researchers discovered the OfficerValue app while reviewing new submissions to the VirusTotal website. After investigating this piece of software, we learned that it is adware belonging to the AdLoad malware family. OfficerValue operates by displaying intrusive advertisements and may have ot
While reviewing new malicious file submissions to VirusTotal, our researchers discovered Slime ransomware. This program is based on Chaos, and it is designed to encrypt files in order to demand ransoms for the decryption. On our testing system, this ransomware encrypted files and appended their f
While investigating new submissions to the VirusTotal platform, our research team discovered Unharmonious.app. After examining this application, we determined that it is advertising-supported software (adware) belonging to the Pirrit malware family. Unharmonious.app is designed to run intrusive
Upon meticulous examination, it has become apparent that StandartSkill functions as adware. When in operation, this application inundates users with bothersome advertisements. Additionally, StandartSkill may be crafted to gather diverse data. It is advised to exercise caution and refrain from tr
"Yamaha Baby Grand Piano" is an email spam campaign. There are multiple variants of these emails, but the common throughline is the donation of a Yamaha baby grand piano. When a recipient expresses interest in obtaining the piano for free, they are requested to pay the shipping fees – thus, they a
Upon reviewing the email, we identified it as a phishing attempt designed to deceive recipients into divulging personal information. Disguised as an official notification from Amazon, the fraudulent email includes a link leading to a counterfeit page. Recipients are strongly advised to disregard a
Upon reviewing the webpage, we concluded that it is a fraudulent scheme masquerading as a cryptocurrency giveaway (airdrop). The scammers perpetrating the scam intend to deceive unsuspecting users into taking specific actions, ultimately leading to the depletion of their cryptocurrency funds.
In the course of our inspection of malware samples submitted to VirusTotal, we came across the finding that Dx31 is ransomware from the Phobos family. Upon activation, Dx31 encrypts data, renames all encrypted files, and provides two ransom notes ("info.hta" and "info.txt"). Dx31 appends the vict