While investigating unreliable websites, our research team discovered the checkmerobotornot[.]com rogue page. It is designed to promote spam browser notifications; at the time of research, the webpage did so by utilizing fake CAPTCHA verification. Additionally, it can redirect visitors to other (l
Our researchers discovered the Byee ransomware-type program during a routine inspection of new malware submissions to the VirusTotal platform. Malicious software within this classification is designed to encrypt data and demand ransoms for its decryption. On our test machine, Byee encrypted files
Upon examination, it has been discovered that PublicUpdater is an adware-type application that can affect devices by inundating users with intrusive and often unwanted advertisements. Such software typically finds its way onto systems through various means, and once installed, it can disrupt the
Rusty Droid is the name given to a specific type of malware known as a Remote Access Trojan (RAT) that primarily targets Android users. A Remote Access Trojan is a malicious program that is designed to secretly infiltrate a user's device, in this case, an Android smartphone. Rusty Droid enables cy
After examining the page, it has come to light that its intent is to deceive visitors by making them believe their computers are compromised. This website runs a pop-up scam in which counterfeit messages surface, asserting the detection of security threats. Typically, these types of pages are util
Upon inspection of QuanticFit, it became obvious that its primary function revolves around displaying bothersome advertisements. These types of applications fall under the category of adware. It is imperative to underscore that users often install these applications inadvertently on their comput
During examination of PublicSystem, it has been found that its main purpose is to show annoying advertisements. Apps that operate like PublicSystem are called adware. It is crucial to emphasize that users often unintentionally install applications like PublicSystem on their computers. Th
While conducting an analysis of malware samples submitted to VirusTotal, we came across Ttrd, which is a ransomware variant associated with the Djvu family. Ttrd operates by encrypting files, adding the ".ttrd" extension to their filenames, and creating a ransom note in the form of a text file nam
During our analysis of a suspicious installer downloaded from an untrustworthy website, we encountered the MacropusRufus browser extension. Our investigation uncovered concerning characteristics associated with this software, including its ability to activate the "Managed by your organization" fea
While analyzing malware samples submitted to the VirusTotal platform, we encountered a ransomware variant named Ttwq. Ttwq encrypts files and modifies their filenames by adding the ".ttwq" extension. Furthermore, Ttwq is designed to create a text file called "_readme.txt", which contains a message