Our research team found the gregoryfavorite[.]space rogue website during a routine investigation of suspect sites. This page aims to trick visitors into allowing it to deliver browser notification spam. Furthermore, it can redirect users elsewhere (likely dubious/malicious websites). Most visitor
Gossip-incoming-news[.]com is a rogue webpage that we discovered while investigating dubious sites. It is designed to endorse browser notification spam and redirect visitors to different (likely unreliable/malicious) websites. The majority of users access gossip-incoming-news[.]com and similar pa
While checking out the new submissions to the VirusTotal website, our research team found the EnginePro app. Following our examination, we determined that this application is adware belonging to the AdLoad malware family. EnginePro operates by delivering intrusive advertisement campaigns and may
CenterNow is a rogue application that we discovered while inspecting new submissions to the VirusTotal website. After examining this app, we determined that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. It operates by delivering in
PirateStealer is a stealer-type malware. This malicious program is designed to exfiltrate information from infected devices. At the time of writing, PirateStealer is offered for sale on hacker forums – hence, its proliferation is dependent on the cyber criminals' using it. Following infilt
DynamicRAT is a Remote Access Trojan (RAT) with an extensive range of capabilities that enable complete control over the targeted device. DynamicRAT allows cybercriminals to gain control over the compromised system, steal sensitive information, perform malicious activities, and potentially distrib
PowerDrop is the name of the malware seen in targeted attacks aimed specifically at the U.S. aerospace defense industry. PowerDrop leverages PowerShell and Windows Management Instrumentation (WMI) to establish a persistent Remote Access Trojan (RAT) within compromised networks. The specific method
Anxz is the name of a ransomware-type program that our researchers discovered while investigating new submissions to the VirusTotal website. This malicious program is based on the Chaos ransomware. It operates by encrypting data and demanding payment for its decryption. After we executed a sample
While inspecting adstopc[.]com, our team found that it displays misleading content to receive permission to send notifications. Moreover, adstopc[.]com has the potential to redirect visitors to other shady websites. We discovered adstopc[.]com during our examination of pages associated with rogue
While investigating new submissions to the VirusTotal site, our researchers discovered the LMAO ransomware. This program is based on the Chaos ransomware, and it is designed to encrypt data and demand ransoms for its decryption. On our test machine, LMAO encrypted files and appended their filenam