While investigating new submissions to VirusTotal, our research team discovered another ransomware from the Phobos family called LEAKDB. Malware within this classification encrypts data and demands payment for its decryption. On our test machine, LEAKDB ransomware encrypted files and altered thei
Upon close inspection, the outcome of our examination is that SpaceRaces is a potentially harmful application distributed via a malicious installer. SpaceRaces is installed concurrently with numerous other undesired components. This software has been observed operating in the Task Manager under th
Upon our examination, it has become apparent that FoundryIntelligence is an advertising-supported application that displays annoying advertisements. Typically, users install apps like FoundryIntelligence on their computers without fully understanding what issues these apps can cause. At
Jazi, identified through the examination of samples submitted to VirusTotal, operates as ransomware upon infiltrating a system. Upon infiltration, it encrypts files, appends the ".jazi" extension to filenames, and leaves behind a ransom note labeled "_readme.txt". An example of the file renaming p
After analysis, it has come to our attention that webprotectionrequired[.]com is a deceptive website that displays misleading content and wants to send notifications. Also, webprotectionrequired[.]com may redirect visitors to similar pages. Thus, it is strongly recommended not to trust webprotecti
Jawr is ransomware that has been discovered during analysis of samples submitted to VirusTotal. Once on the system, Jawr encrypts files, adds the ".jawr" extension to filenames, and leaves a ransom note ("_readme.txt"). An example of how files encrypted by Jawr are renamed: "1.jpg" is changed to "
In the course of our review, it has been identified that messenger-rocks[.]com uses clickbait to lure visitors into allowing it to send notifications. Also, messenger-rocks[.]com can redirect visitors to other dubious websites. It is worth noting that pages like messenger-rocks[.]com are promoted
Our research team found the Overbright application while investigating submissions to the VirusTotal platform. After examining this app, we determined that it is advertising-supported software (adware). It is pertinent to mention that Overbright belongs to the Pirrit adware family. Adwar
Searchmylinks[.]com is a rogue page that runs scams and promotes spam browser notifications. It can also redirect visitors to other (likely dubious/malicious) websites. Most users enter these webpages via redirects caused by sites utilizing rogue advertising networks. Our researchers discovered s
While inspecting new submissions to VirusTotal, our research team discovered the Ravenwise app. Following our analysis, we determined that this application is advertising-supported software. Additionally, we learned that Ravenwise is part of the Pirrit adware family. Adware operates by r