During our investigation of groovinews[.]com, we identified its utilization of deceitful methods, including the presentation of misleading messages and other content, to manipulate visitors into subscribing to notifications. Additionally, groovinews[.]com has the potential to redirect users to oth
Our research team found the gripehealth[.]com rogue page while examining untrustworthy websites. It is designed to push browser notification spam and redirect users to other (likely dubious/harmful) sites. Visitors to gripehealth[.]com and webpages akin to it – primarily access them through redir
While inspecting new submissions to the VirusTotal site, we discovered the TmrCrypt0r malicious program. It belongs to the Xorist ransomware family. On our testing system, this ransomware encrypted files and appended their filenames with a ".TMRCRYPT0R" extension. For example, and original filena
While reviewing new submissions to VirusTotal, our researchers discovered the AnalyzeHelper application. After examining the app, we determined that it is advertising-supported software (adware). Additionally, we learned that AnalyzeHelper belongs to the AdLoad malware family. Adware is
FreshPlatform is a rogue application that our research team discovered while investigating new submissions to VirusTotal. After inspecting this piece of software, we determined that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. It
While analyzing unonontate[.]com, we noticed its deceptive strategy of convincing visitors to grant notification permissions. Additionally, unonontate[.]com may redirect users to other suspicious websites. We discovered unonontate[.]com during our investigation of pages connected to unreliable adv
Our research team discovered the MiniMe ransomware while inspecting new submissions to the VirusTotal website. This malicious program is based on the Chaos ransomware. After we executed a sample of MiniMe on our test machine, it encrypted files and appended their filenames with a ".minime" extens
Our analysis of the VirtualActivity application revealed that it exhibits intrusive advertisements. For this reason, we classified VirtualActivity as adware. It is worth noting that software of this type is commonly disseminated through dubious and deceptive techniques, which can lead to uninten
Ahtw is ransomware associated with the Djvu family. It encrypts files on the victim's computer and requests a ransom for the decryption tools. Our team encountered Ahtw during the analysis of recently submitted malware samples on the VirusTotal platform. It is worth mentioning that Ahtw may be dis
During our examination of malware samples submitted to VirusTotal, we came across Ahgr, a ransomware variant that is part of the Djvu family. Ahgr encrypts files and modifies their names by adding the ".ahgr" extension. Furthermore, it creates a ransom note as a text file named "_readme.txt". Her