INC is a ransomware-type program designed to encrypt data and demand payment for decryption. On our test machine, this malware encrypted files and appended their filenames with a ".INC" extension. To elaborate, a file initially named "1.jpg" appeared as "1.jpg.INC", "2.png" as "2.png.INC", and so
Re-captha-version-3-21[.]top is the address of a rogue site that promotes browser notification spam and redirects visitors to different (likely unreliable/malicious) webpages. Most users access pages like re-captha-version-3-21[.]top via redirects caused by websites utilizing rogue advertising ne
ZestyPeak is a rogue app that we discovered while investigating new submissions to VirusTotal. When we examined this application, we found that it is advertising-supported software (adware) belonging to the AdLoad malware family. ZestyPeak operates by running intrusive advert campaigns to genera
While investigating dubious webpages, our research team found the MySites browser extension. This piece of software promises to provide quick access to users' most frequently visited websites. Our analysis revealed that this extension alters browser settings in order to generate redirects to the g
Our researchers found the LookupLauncher rogue application during a routine inspection of new submissions to the VirusTotal site. After examining LookupLauncher, we determined that it is advertising-supported software (adware) belonging to the AdLoad malware family. Adware is designed to
Harward is the name of a ransomware-type program. It operates by encrypting files and demanding payment for their decryption. After we executed a sample of this ransomware on our testing system, it encrypted files and altered their filenames. Original titles were appended with the attackers' emai
Mobiledevice-protection[.]com is a rogue webpage that we discovered while inspecting dubious sites. It is designed to endorse scams and browser notification spam. Additionally, this page can redirect visitors to different (likely untrustworthy/hazardous) websites. Users primarily access webpages
While investigating sites that utilize rogue advertising networks, our researchers discovered the "YOUR DEVICE MAY BE COMPROMISED" scam. It uses scare tactics to trick users into performing specific actions. Typically, scams of this ilk promote untrustworthy and harmful software. When we a
Our research team found the GrowSupport application during a routine inspection of new submissions to the VirusTotal site. After investigating this rogue app, we determined that it is adware belonging to the AdLoad malware family. GrowSupport operates by running intrusive advertisement campaigns
While inspecting dubious websites, our research team discovered The Big 5 browser extension. Our analysis of this piece of software revealed that it is a browser hijacker that promotes (via redirects) the searchm5.com fake search engine. Browser-hijacking software reassigns browsers' homep