Following our analysis, we have identified ook.gg as a dubious search engine. Typically, search engines of this nature are promoted through browser-hijacking extensions. Nevertheless, it has been observed that ook.gg is injected into startup processes in certain instances. In either scenario, use
While investigating deceptive sites, our researchers discovered an installation setup promoting the K Searches browser extension. Our examination revealed that this extension is a browser hijacker. It manipulates browser settings to endorse (via redirects) the ksearches.com fake search engine. It
During a routine investigation of untrustworthy websites, our researchers discovered the "Norton - Your PC Is Infected With 18 Viruses!" scam. Presented as the Norton anti-virus, this scheme claims to detect multiple infections on users' devices. Typically, scams of this kind are used to promote u
Editbot is a piece of malicious software capable of extracting vulnerable information from infected devices. Targeted data includes browsing information, Internet cookies, log-in credentials, and other sensitive details. This stealer is written in the Python programming language. Editbot has been
MrAnon is the name of an information-stealing malware written in the Python programming language. This stealer has a variety of data-extracting capabilities and targets information from browsers, cryptocurrency wallets, messengers, and other applications. At the time of writing, MrAnon's develope
Upon careful examination, it is noted that YTube AdSkipper exhibits unwanted advertisements and possesses the ability to read and modify data on all pages. Applications with these characteristics fall under the category of adware. Ironically, YTube AdSkipper is marketed as a tool intended to facil
NineRAT is a Remote Administration Trojan (RAT) written in the DLang programming language. This RAT is used by a group of threat actors known as Lazarus. RAT is a type of malware that allows unauthorized remote access to a victim's computer, enabling cyber attackers to control the system, potentia
DLRAT, a malware built using the DLang programming language, operates as both a Remote Access Trojan (RAT) and a downloader. RATs, in general, are crafted to enable unauthorized remote access and control over compromised computers. DLRAT is known to be employed by a cybercrime group known as Lazar
"HackTool:Win32/Crack" is a generic detection name used by a multitude of security engines and vendors for software "cracks". "Cracks" are illegal tools utilized for "cracking" program protection; this includes bypassing the product's security measures, implementing a stolen activation key or fak
LogarithmicProcess is the name of a rogue application that we discovered while inspecting new submissions to the VirusTotal website. Our analysis revealed that this app is advertising-supported software (adware). LogarithmicProcess is part of the AdLoad malware family. It operates by running in