CriminalBot is a piece of malicious software targeting Android users. Malicious software on Android devices can have various capabilities, including data theft, spying and surveillance, unauthorized access, ad fraud, and more. Thus, CriminalBot should be removed from affected devices as soon as po
Pathfinder is the name of a cross-platform Remote Access Trojan (RAT). This malware is capable of infecting Windows, Linux, and Android operating systems. RATs enable remote access and control over infected devices. Pathfinder boasts the ability to allow full control over compromised machine GUIs
While investigating untrustworthy websites, our research team discovered the Pick Your Language browser extension. It is promoted as an easy-access tool to a dictionary, thesaurus, and translator. However, after analyzing this extension, we determined that it is advertising-supported software (adw
During our analysis of InteriorDesignTab, we observed that it promotes idtwebsearch.com by hijacking web browsers. Like many other browser hijackers, InteriorDesignTab alters the browser settings. Such apps are often promoted and distributed through questionable methods, leading users to unintenti
While examining CurrencyTrack, we discovered that it promotes get.currencytrack.net by hijacking a web browser. Like most browser hijackers, CurrencyTrack changes the settings of a web browser. It is common for apps of this type to be promoted and distributed using dubious methods. Thus, users oft
During our analysis of samples submitted to the VirusTotal website, our team made a significant finding – a new member of the Djvu ransomware family named Wsaz. This malicious program is designed to encrypt files, rendering them inaccessible to victims. Since Wsaz is part of the Djvu family, it co
While examining samples on VirusTotal, our team detected a new variant of the Djvu ransomware family known as Wsuu. This variant encrypts data and appends the ".wsuu" extension to the targeted files. Following the encryption process, the ransomware leaves a ransom note named "_readme.txt". Wsuu e
Star Field is a rogue browser extension that our researchers discovered while examining deceptive sites. This extension promises to display star-themed browser wallpapers. After investigating Star Field, we determined that it is a browser hijacker. This extension makes modifications to browser se
Our analysis of the "E-MAIL DELIVERY BLOCKED" letter revealed that it is spam. This scam email falsely claims that the recipient's account has been suspended. The bogus reactivation process requires the user to sign into their email account via a phishing website. The spam email with the s
Our research team discovered the My World Clock browser extension while investigating dubious sites. Its promotional webpage claims that the extension provides quick access to local weather forecasts; however, it operates in line with its name – by displaying the current time in several different