When examining malware samples of VirusTotal, we discovered a ransomware variant belonging to the Proton family dubbed SWIFT. Once SWIFT infiltrates a computer, the ransomware encrypts and renames files, changes the desktop wallpaper, and creates a ransom note ("#SWIFT-Help.txt"). SWIFT renames f
While investigating suspicious sites, we discovered the Pinaview application. It is promoted as a tool that allows users to keep (i.e., pin) a window on top of all others. However, this piece of software operates as proxyware – an Internet bandwidth hijacker. It may also have other undesirable or
Asuka is a stealer written in the C++ programming language. It targets sensitive information from browsers, cryptocurrency wallets, and other applications/extensions. The developers of this malware are offering it for sale on the Web. Asuka is sold as a customizable data-stealing program with fea
During our inspection, we discovered that Grammar Jet is designed with the sole intention of promoting grammarjet.com. This browser extension accomplishes this by altering the settings of a web browser, compelling users to navigate to grammarjet.com. Consequently, we have categorized Grammar Jet a
Our research team discovered nortos[.]fun during a routine inspection of dubious websites. This rogue page endorses deceptive content and spam browser notifications. It can also redirect users to other (likely untrustworthy/dangerous) sites. Most visitors to nortos[.]fun and webpages akin to it ac
TrustedAnalyser is an adware-type app from the AdLoad malware family. The application operates by running intrusive advertisement campaigns, and it may have other harmful abilities. Our research team discovered TrustedAnalyser during a routine investigation of new file submissions to the VirusTo
Sighful.app is a piece of rogue software discovered by our research team during a routine inspection of new submissions to the VirusTotal platform. After analyzing this application, we determined that it is advertising-supported software (adware). Sighful.app is part of the Pirrit malware family
In the course of our inspection of malware samples on VirusTotal, we came across the finding that ZENEX is ransomware belonging to the Proton family. ZENEX is designed to encrypt files, modify filenames of encrypted files, provide a ransom note ("#Zenex-Help.txt"), and change the desktop wallpaper
Yoursmartsecurityguards[.]club is a rogue webpage discovered by our researchers during a routine inspection of unreliable websites. This page promotes deceptive content and spam browser notifications. It can also redirect users to other (likely dubious/dangerous) sites. Visitors to yoursmartsecur
While inspecting new submissions to the VirusTotal platform, our research team discovered an application called Skat.app. Upon inspection, we determined that it is adware belonging to the Pirrit malware family. Skat.app is designed to generate revenue for its developers by feeding users with und