Our research team discovered the Screenshot browser extension while inspecting questionable websites. This piece of software is presented as a tool that allows users to take screenshots easily, and it displays browser wallpapers. After analyzing this extension, we learned that it makes changes to
QuiteRAT is a piece of malicious software categorized as a Remote Access Trojan (RAT). This program is designed to enable remote access/control over infected systems. QuiteRAT was first spotted in early 2023 and has been since linked to the Lazarus Group – a threat actor backed by the state of No
After encountering a suspicious website, our research team stumbled upon the ApteryxAustralis application while testing a potentially harmful installer. This application has the potential to involve itself in deceptive practices. Notably, ApteryxAustralis introduces the "Managed by your organizati
Our team came across the Giraffidae application during an investigation involving a suspicious website from which a malicious installer was downloaded. This application has the potential to carry out deceptive actions. Our analysis revealed that Giraffidae introduces the "Managed by your organizat
Retch is a ransomware-type program that we discovered while investigating new file submissions to the VirusTotal website. This software is designed to encrypt data and demand payment for its decryption. After we executed a sample of Retch on our testing system, it began encrypting files. Original
Our team discovered the TroodonFormosus app after running a malicious installer downloaded from a shady website. This app may engage in fraudulent activities. We found that TroodonFormosus adds the "Managed by your organization" feature to Chrome browsers. Also, it can read various data. Users who
During our examination of this website, we discovered its involvement in a technical support scam, wherein misleading pop-up messages are displayed to deceive visitors into believing their computers are compromised. It is essential to avoid such websites, as they are designed to deceive users into
While analyzing malware samples submitted to VirusTotal, our team encountered the Nzqw ransomware, a member of the Djvu family. When a computer becomes compromised, Nzqw encrypts a range of files and appends the ".nzqw" extension to their original filenames. For instance, a file named "1.jpg" woul
While examining malware samples submitted to VirusTotal, our team came across the Nztt ransomware, a variant linked to the Djvu family. Once a computer is compromised, Nztt encrypts various files and adds the ".nztt" extension to their initial filenames. For example, a file named "1.jpg" transform
Our research team discovered the ContentRanger application during a routine investigation of new submissions to the VirusTotal site. After analyzing this app, we determined that it is advertising-supported software (adware) belonging to the AdLoad malware family. Adware is designed to ge