Rusty Droid is the name given to a specific type of malware known as a Remote Access Trojan (RAT) that primarily targets Android users. A Remote Access Trojan is a malicious program that is designed to secretly infiltrate a user's device, in this case, an Android smartphone. Rusty Droid enables cy
After examining the page, it has come to light that its intent is to deceive visitors by making them believe their computers are compromised. This website runs a pop-up scam in which counterfeit messages surface, asserting the detection of security threats. Typically, these types of pages are util
Upon inspection of QuanticFit, it became obvious that its primary function revolves around displaying bothersome advertisements. These types of applications fall under the category of adware. It is imperative to underscore that users often install these applications inadvertently on their comput
During examination of PublicSystem, it has been found that its main purpose is to show annoying advertisements. Apps that operate like PublicSystem are called adware. It is crucial to emphasize that users often unintentionally install applications like PublicSystem on their computers. Th
While conducting an analysis of malware samples submitted to VirusTotal, we came across Ttrd, which is a ransomware variant associated with the Djvu family. Ttrd operates by encrypting files, adding the ".ttrd" extension to their filenames, and creating a ransom note in the form of a text file nam
During our analysis of a suspicious installer downloaded from an untrustworthy website, we encountered the MacropusRufus browser extension. Our investigation uncovered concerning characteristics associated with this software, including its ability to activate the "Managed by your organization" fea
While analyzing malware samples submitted to the VirusTotal platform, we encountered a ransomware variant named Ttwq. Ttwq encrypts files and modifies their filenames by adding the ".ttwq" extension. Furthermore, Ttwq is designed to create a text file called "_readme.txt", which contains a message
Our researchers discovered PerfectSave during a routine investigation of new file submissions to the VirusTotal platform. After examining this piece of software, we determined that it is adware belonging to the AdLoad malware family. PerfectSave operates by feeding users undesirable and deceptiv
Our research team discovered the OverallHelpDesk application while reviewing new submissions to the VirusTotal website. This app is advertising-supported software (adware) that is part of the AdLoad malware family. OverallHelpDesk delivers intrusive advertisement campaigns and may have other har
Our researchers discovered the Lapsus$ Group ransomware while investigating new malicious file submissions to the VirusTotal website. It operates by encrypting files to demand ransoms for their decryption. After launching an executable of this malware on our testing system, we learned that the na