While inspecting new submissions to the VirusTotal website, our research team discovered the AdminRotator application. Our analysis of this app revealed that it is advertising-supported software (adware). AdminRotator is part of the AdLoad malware family. Adware stands for advertising-su
After inspecting the "American Express - Update Your Account Information" email, we determined that it is fake. It notifies the recipient of an "important security check" that requires them to update their American Express account. This phishing mail aims to deceive recipients into disclosing thei
After examining the "Specialized Hacker Succeeded In Hacking Your Operating System" email, we determined that it is spam. This letter is a sextortion scam; it makes false claims about explicit videos made of the recipient that will be distributed to their contacts unless a ransom is paid. It must
During the evaluation of the ForsythiaIntermedia browser extension, we observed concerning behavior. For instance, it introduces the "Managed by your organization" feature to Chrome browsers. We discovered ForsythiaIntermedia while analyzing a malicious installer sourced from an unreliable webpage
While examining a malicious installer, our research team came across the PicaPica application. This installer was found on a dubious website. The PicaPica app exhibits the capability to execute suspicious activities, such as adding the "Managed by your organization" feature to Chrome browsers.
"You Mailbox Failed 2 Security Test" is a phishing email. It is presented as a warning regarding the recipient's email account failing several security tests and pending deactivation. However, this information is false; it is intended to trick users into disclosing their log-in credentials.
After a thorough assessment of the Quick Workspace, our team discovered that its purpose primarily revolves around acting as a browser hijacker, with the intention of promoting the fake search engine find.searchu.co. The extension modifies a web browser's settings to exert control over its behavio
Quick Email is a rogue browser extension that promises easy access to email accounts and other popular platforms. However, after investigating this piece of software, we determined that it is a browser hijacker. This extension modifies browser settings to endorse the find.searchu.co fake search en
During the analysis of a malicious installer, our research team encountered the Viverridae application. This installer was discovered on a questionable website. Viverridae app possesses the ability to perform questionable actions, including the addition of the "Managed by your organization" featur
Django is malicious software known as ransomware. The purpose of this malware is to encrypt files. Also, Django appends the ".Django" extension to filenames (e.g., it renames "1.jpg" to "1.jpg.Django", "2.png" to "2.png.Django", etc.). Additionally, it provides a ransom note ("#RECOVERY#.txt").