Our researchers found the ConnectionLocator app during a routine investigation of new submissions to the VirusTotal site. This piece of software operates as adware. It is pertinent to mention that ConnectionLocator is part of the AdLoad malware family. Adware stands for advertising-suppo
Our researchers discovered the Coffee Ext browser extension during a routine investigation of dubious websites. It is promoted as a tool that provides easy access to coffee recipes. After examining this extension, we learned that it is browser-hijacking software. Coffee Ext operates by modifying
ApplicationLaser is a rogue app that our researchers discovered while investigating new submissions to VirusTotal. After inspecting this piece of software, we determined that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. It operate
"Confirm Account To Avoid Termination" is a phishing email falsely claiming that authentication is necessary to prevent the deletion of the recipient's account. This spam mail aims to steal email accounts through a fake sign-in page. The spam email with the subject "IMPORTANT NOTICE ON EMA
Our inspection of the "Alert! Mail Client Security Notification" email revealed that it is spam. The letter makes false claims regarding suspicious sign-in attempts to the recipient's email account. This spam mail aims to extract log-in credentials through a phishing website. The email wit
Allahu Akbar is a ransomware-type program that our research team discovered while investigating new malware submissions to the VirusTotal website. This malicious program is designed to encrypt data and demand payment for its decryption. On our testing system, Allahu Akbar ransomware encrypted fil
Duke is the general name for malware toolsets used by the APT29 APT (Advanced Persistent Threat) actor, also known as The Dukes, Cloaked Ursa, CozyBear, Nobelium, and UNC2452. APT29 is a Russian state-sponsored group associated with the Foreign Intelligence Service of the Russian Federation (SVR R
StandartInitiator is an adware-type application that we discovered while investigating new submissions to the VirusTotal website. This piece of advertising-supported software is part of the AdLoad malware family. StandartInitiator is designed to run intrusive advertisement campaigns by feeding u
"Stalled Funds - United Bank Of Africa" is a phishing email targeting recipients' personally identifiable and financial information. The letter aims to extract the highly sensitive data by falsely claiming that a nonexistent payment to the recipient, which has been unjustly stalled, will be transf
JanelaRAT is a Remote Access Trojan (RAT). It is a piece of sophisticated malicious software designed to enable remote access and control over compromised machines. JanelaRAT has been observed being implemented in attacks targeting Latin American banking and financial institutions. Based on the u