Our researchers discovered the Lapsus$ Group ransomware while investigating new malicious file submissions to the VirusTotal website. It operates by encrypting files to demand ransoms for their decryption. After launching an executable of this malware on our testing system, we learned that the na
While inspecting new submissions to the VirusTotal platform, our research team discovered the PositiveConnectivity adware-type app. It is part of the AdLoad malware family. This application is designed to generate revenue for its developers by feeding users with unwanted and deceptive adverts. I
SULINFORMATICA is a ransomware-type program discovered by our researchers during a routine investigation of new submissions to the VirusTotal website. This malicious program is designed to encrypt data and demand payment for its decryption. After we executed a sample of SULINFORMATICA on our test
SysUpdate is the name of a malware that is classified as a backdoor. Programs within this class are designed to infiltrate systems stealthily and may open a "backdoor" for further infection. While SysUpdate has been around since at least 2020, it has continued to undergo improvements. Historicall
BunnyLoader is the name of malware available for purchase (for $250) by cybercriminals across multiple online forums. It is presented as a Malware-as-a-Service (MaaS) and provides a range of features, such as downloading and executing a second-stage payload and harvesting browser credentials and s
Our researchers found the ProgressivePhase app during a routine inspection of new submissions to the VirusTotal website. After examining this piece of software, we learned that it is adware belonging to the AdLoad malware family. ProgressivePhase is designed to feed users with unwanted and decep
While inspecting a questionable installer obtained from a dubious website, we came across the Mustelidae browser extension. Our examination revealed troubling attributes linked to this application, such as its capability to enable the "Managed by your organization" feature within the Chrome browse
PortalServer is a rogue app that our research team found during a routine investigation of new file submissions to VirusTotal. Our analysis revealed that this application is advertising-supported software (adware). PortalServer is part of the AdLoad malware family. Adware is designed to
After inspecting PortableTap, it is evident that its primary function is to bombard users with intrusive advertisements. In more straightforward terms, PortableTap functions as adware. It is essential to highlight that applications resembling PortableTap are frequently unintentionally installed
Upon assessment, it became clear that the primary goal of PixelRotator is to inundate users with intrusive advertisements. In essence, PixelRotator operates as adware. It is important to emphasize that applications like PixelRotator are often unintentionally installed by users due to the tactics