Our analysis indicates that ElementaryFrame is an advertising-supported program designed to display advertisements. In addition to its primary function of showcasing ads, ElementaryFrame may also gather various types of information. Due to its lack of reliability and potential privacy concerns,
During analysis of ourcommonnewz[.]com, it came to our attention that the page uses clickbait to lure visitors into agreeing to receive notifications. Upon visiting ourcommonnewz[.]com, users are presented with misleading content. Also, ourcommonnewz[.]com can redirect to similar sites. Ou
While investigating new malware submissions to VirusTotal, our research team found the Ebaka ransomware. This malicious program is part of the Phobos ransomware family. Ebaka is designed to encrypt files and demands ransoms for their decryption. On our testing system, this malware altered files (
NOOSE is ransomware from the Chaos family. Once a computer is infected, NOOSE encrypts files, appends the ".NOOSE" extension, changes the desktop wallpaper, and creates the "OPEN_ME.txt" file (a ransom note). An example of how files encrypted by NOOSE are renamed: "1.jpg" is changed to "1.jpg.NOOS
In the course of our inspection, we came across the finding that Nematoda is a dubious application distributed via a malicious installer. Once added, Nematoda enables the "Managed by your organization" feature. Also, this extension can read and change various data and manage other extensions (and
GreatestZone is a rogue app classed as adware. This piece of software is part of the AdLoad malware family. It is designed to run intrusive ad campaigns but may exhibit other harmful capabilities as well. Our researchers discovered GreatestZone during a routine investigation of new submissions t
Our examination revealed that ProfessionalServer is an advertising-supported program created to showcase advertisements. Beyond its ad-displaying function, ProfessionalServer may also collect diverse information. Given its lack of reliability, it is recommended to uninstall ProfessionalServer fr
In our examination, we have identified VBScrollLIB as a dubious program distributed through a malicious installer found on an untrustworthy website. The VBScrollLIB application shares similarities with another app named NPhoneRing. Given the unclear purpose of VBScrollLIB, it is advisable not to p
When examining reackened[.]com, it was noted that the page displays deceptive content to trick visitors into taking a specific action. Typically, users land on sites like reackened[.]com through other websites of this kind or similar channels. Thus, it is recommended to avoid visiting reackened[.]
Upon examination of the application, we discovered that Tubulidentata is a suspicious program distributed through a malicious installer. When added to a web browser, Tubulidentata can read and modify various data on visited pages, manage components within the browser, and activate the "Managed by