DarkGate is a versatile malware toolset. It has been around since at least 2018, with the newest variant emerging in July 2023. The older versions were heavily spread via spam mail and Torrent sites, the latter focusing on Europe, particularly Spanish-speaking users. The latest DarkGate iteration
Our team examined the Mountain Wallpaper browser extension and discovered that it operates as a browser hijacker. Its primary aim is to promote find.pmywebsrc.com, a fake search engine, by modifying the settings of the hijacked browser. Usually, users unknowingly introduce browser hijackers to the
In our assessment of the GypsophilaPaniculata browser extension, we detected troubling activities, including the addition of the "Managed by your organization" feature to Chrome browsers, the management of specific browser elements, and the collection of various data. Our encounter with Gypsophila
While examining the SystemOptimization app, our team noticed it displays various ads, leading us to categorize it as adware. It is important to note that such software is often promoted and distributed deceptively. Thus, users often get tricked into installing programs like SystemOptimization.
During our examination of malware samples on the VirusTotal page, we came across the Rzfu ransomware, a member of the Djvu family. When this ransomware infects a computer, it encrypts files and appends the ".rzfu" extension to their filenames. For instance, "1.jpg" becomes "1.jpg.rzfu" and "2.png"
While studying malware on VirusTotal, we found the Rzml ransomware, which is part of the Djvu family. When a computer is affected, Rzml encrypts files and adds the ".rzml" extension to their names. For example, "1.jpg" becomes "1.jpg.rzml" and "2.png" turns into "2.png.rzml". Apart from encryptin
During our examination of malicious software samples that were uploaded to VirusTotal, we came across ransomware dubbed Rzkd. This particular ransomware is designed to encrypt files and alter their names by appending the ".rzkd" extension. Furthermore, Rzkd generates a ransom note, which can be fo
During our analysis of the Fonts Determiner application, our team observed that it presents a range of advertisements. Consequently, we have classified Fonts Determiner as adware. It should be highlighted that software of this nature is frequently marketed and disseminated through misleading metho
During our evaluation of the PterygotusAnglicus browser extension, we identified concerning behavior, such as adding the "Managed by your organization" feature to Chrome browsers, managing certain elements of the browser, and reading various data. We came across PterygotusAnglicus while investigat
During a routine review of new file submissions to VirusTotal, our research team discovered the ArchiveRemote application. After inspecting it, we determined that this piece of software is adware. ArchiveRemote is part of the AdLoad malware family. This app generates revenue for its developers