During our assessment, we discovered that AresSearch is a dubious application crafted to exhibit unwanted advertisements. Consequently, we have categorized AresSearch as adware. Users are encouraged to refrain from installing these applications and to remove them from any affected computers or w
GlobalLetterSearch is an adware-type application from the AdLoad malware family. The app generates revenue for its developers by feeding users unwanted and potentially malicious ads. Our research team discovered GlobalLetterSearch while investigating new submissions to the VirusTotal platform.
While browsing untrustworthy websites, our researchers discovered Horoscope Ext. This browser extension promises quick access to horoscopes and other astrology-related topics. On our test machine, Horoscope Ext altered browser settings and generated redirects. Due to this behavior, we determined t
During a routine inspection of new file submissions to the VirusTotal site, our researchers discovered the InitialClick app. Upon examination, we learned that this piece of software is adware belonging to the AdLoad malware family. InitialClick operates by delivering intrusive advertisement camp
Spock is the name of an information-stealing malware. This malicious program can extract sensitive data from devices and exfiltrate files. If the Spock stealer has been detected on a system, immediate removal is crucial. After infecting a machine, the Spock stealer begins collecting releva
VietCredCare, an information-stealing tool previously unidentified, has been circulating since at least August 2022. This software, distributed through a stealer-as-a-service model, is believed to be managed by individuals proficient in Vietnamese. Typically, malware of this type is utilized for h
Xehook is a stealer written in the C# programming language. It is an incredibly lightweight program, ranging between 140-160 KB in size. This data-stealing malware was unveiled in late January 2024, which closely coincides with a public share of the code for restoring dead cookies on the Google Ch
When examining foupeethaija[.]com, we noted that it displays deceptive content (uses clickbait) to lure visitors into consenting to receive notifications from the page. Also, foupeethaija[.]com can redirect users to other websites. Thus, it is strongly recommended that users do not trust foupeetha
Our researchers discovered the Taliban Skull ransomware while reviewing new malware submissions to VirusTotal. This ransomware is designed to encrypt data and demand payment for the decryption. After we executed a sample of Taliban Skull on our testing system, it encrypted files and altered their
When examining malware samples submitted to the VirusTotal website, we discovered a ransomware variant known as Bl00dyAdmin. This ransomware encrypts data and renames encrypted files by appending the ".CRYPT" extension. Also, Bl00dyAdmin creates the "Read_instructions_To_Decrypt.txt" file containi