During an investigation into a malicious installer, we came across RanunculusAcris and its concerning behavior as a browser extension. These activities encompassed the enabling of the "Managed by your organization" feature in the Chrome browser, the collection of diverse data, and the management o
Our examination of the "Password Marked For Deletion" email revealed that it is spam promoting a phishing scam. The letter targets recipients' email account log-in credentials by claiming that the password has expired. The scam email with the subject "Account Security Notice" (may vary) st
While examining malware samples submitted to the VirusTotal platform, we encountered a ransomware variant called Wwty. Wwty operates by encrypting files and modifying their file names by appending the ".wwty" extension. Moreover, Wwty is designed to create a text file named "_readme.txt" containin
During our analysis of malware samples on the VirusTotal platform, we came across the Wwpl ransomware, a member of the Djvu family. After infiltrating a computer, this ransomware encrypts data and appends the ".wwpl" extension to filenames. For instance, a file originally labeled "1.jpg" is change
While analyzing malware samples using the VirusTotal platform, we encountered the Wwza ransomware, which belongs to the Djvu family. Once it infiltrates a computer, this ransomware encrypts data and adds the ".wwza" extension to file names. For example, a file originally named "1.jpg" is altered t
While conducting a probe into a malevolent installer, we unexpectedly encountered TriceratopsProrsus and its alarming actions as a browser extension. These actions included implementing the "Managed by your organization" function in the Chrome browser, gathering various types of data, and controll
Our researchers discovered the EssentialEntry adware while inspecting new submissions to the VirusTotal site. This application is part of the AdLoad malware family. EssentialEntry operates by running intrusive advert campaigns. Adware stands for advertising-supported software. It is desi
FrequencyField is an adware-type application that we discovered while investigating new submissions to the VirusTotal website. This app is part of the AdLoad malware family. FrequencyField runs intrusive advertisement campaigns and may have other harmful abilities. Adware stands for adve
Our research team discovered the ElementSync application during a routine inspection of new file submissions to the VirusTotal platform. After analyzing this app, we determined that it is advertising-supported software (adware). It is pertinent to mention that ElementSync belongs to the AdLoad m
Our research team discovered the Travel Tab browser extension while investigating questionable websites. It is promoted as an easy-access tool for news relating to travel and hotels. After analyzing this piece of software, we determined that it is a browser hijacker. Travel Tab modifies browsers