Upon inspecting the Shop Tab browser extension, it became evident that it functions as a browser hijacker intended to promote shoptab.xyz, a fake search engine. Shop Tab alters a web browser's settings, effectively hijacking it. It is worth noting that many users unwittingly download and add appli
Realst is a malicious program that targets sensitive information. Two versions of this malware exist, targeting Apple and Windows devices, respectively. Of particular concern is that some of its most recent versions are designed to exploit macOS 14 Sonoma, the upcoming operating system that is s
CriminalBot is a piece of malicious software targeting Android users. Malicious software on Android devices can have various capabilities, including data theft, spying and surveillance, unauthorized access, ad fraud, and more. Thus, CriminalBot should be removed from affected devices as soon as po
Pathfinder is the name of a cross-platform Remote Access Trojan (RAT). This malware is capable of infecting Windows, Linux, and Android operating systems. RATs enable remote access and control over infected devices. Pathfinder boasts the ability to allow full control over compromised machine GUIs
While investigating untrustworthy websites, our research team discovered the Pick Your Language browser extension. It is promoted as an easy-access tool to a dictionary, thesaurus, and translator. However, after analyzing this extension, we determined that it is advertising-supported software (adw
During our analysis of InteriorDesignTab, we observed that it promotes idtwebsearch.com by hijacking web browsers. Like many other browser hijackers, InteriorDesignTab alters the browser settings. Such apps are often promoted and distributed through questionable methods, leading users to unintenti
While examining CurrencyTrack, we discovered that it promotes get.currencytrack.net by hijacking a web browser. Like most browser hijackers, CurrencyTrack changes the settings of a web browser. It is common for apps of this type to be promoted and distributed using dubious methods. Thus, users oft
During our analysis of samples submitted to the VirusTotal website, our team made a significant finding – a new member of the Djvu ransomware family named Wsaz. This malicious program is designed to encrypt files, rendering them inaccessible to victims. Since Wsaz is part of the Djvu family, it co
While examining samples on VirusTotal, our team detected a new variant of the Djvu ransomware family known as Wsuu. This variant encrypts data and appends the ".wsuu" extension to the targeted files. Following the encryption process, the ransomware leaves a ransom note named "_readme.txt". Wsuu e
Star Field is a rogue browser extension that our researchers discovered while examining deceptive sites. This extension promises to display star-themed browser wallpapers. After investigating Star Field, we determined that it is a browser hijacker. This extension makes modifications to browser se