Stablepcprotection[.]com is a rogue webpage that our researchers discovered while inspecting questionable sites. It is designed to run scams and push spam browser notifications. Furthermore, this page can redirect users to different (likely unreliable/malicious) websites. Most visitors to webpage
While investigating new submissions to VirusTotal, our researchers discovered the SDK ransomware. This malicious program is part of the Phobos ransomware family. After we executed a sample of SDK ransomware on our testing system, it encrypted files and altered their filenames. Original titles wer
Our researchers discovered the MainHandler app while inspecting new submissions to VirusTotal. An investigation of this software revealed that it is adware belonging to the AdLoad malware family. MainHandler operates by displaying various advertisements, and it may have other harmful abilities.
During the analysis of malware samples submitted to VirusTotal, our team of malware experts discovered Coty - ransomware belonging to the Djvu family. Coty encrypts data, adds the ".coty" extension to the filenames, and creates a ransom note named "_readme.txt". An example of how Coty modifies fi
BinaryOptimizer is a rogue application that our research team discovered while inspecting new submissions to VirusTotal. After analyzing this app, we determined that it is adware. It is also pertinent to mention that BinaryOptimizer belongs to the AdLoad malware family. Adware stands for
Greatcaptchanow[.]top and the variants of this domain as well as those related to it (e.g., greatcaptchasnow[.]top, etc.) belong to rogue websites, which we discovered during a routine inspection of untrustworthy sites. These pages are designed to host questionable content and promote browser not
LockBit is the name of a ransomware targeting Mac Operating Systems (OSes). It is associated with the LockBit ransomware gang – the developers of LockBit, LockBit 2.0, LockBit 3.0, and various other variants. The aforementioned malware target Windows, Linux, and VMware ESXi servers. At the time
Recov is ransomware belonging to the VoidCrypt family. Our malware researchers discovered Recov while examining malware samples submitted to VirusTotal. They found that Recov encrypts data, modifies filenames, and drops a ransom note ("Dectryption-guide.txt"). Recov appends the victim's ID, an em
Goldoson is an Android malware that compiles a list of installed applications and records the history of Wi-Fi and Bluetooth devices, including GPS locations in close proximity. Additionally, the software includes a feature that allows it to engage in ad fraud by clicking on ads in the background
While investigating deceptive web pages (including sites that offer updates for supposedly outdated software), our team came across LauncherProgress, an application we deemed questionable. Once installed, LauncherProgress began displaying unwanted advertisements, leading us to classify it as adw