TUGA is ransomware that encrypts files, appends its extension (".TUGA") to filenames, and leaves a ransom note ("README.txt"). Our team discovered TUGA while examining malware samples submitted to the VirusTotal website. An example of how TUGA renames files: it changes "1.jpg" to "2.jpg.TUGA", "2.
Umbral is the name of stealer-type malware. Malicious programs within this classification are designed to steal valuable information from infected devices. Umbral is able to extract and exfiltrate data from systems and various installed applications. It is noteworthy that this program has been obs
JokerSpy is the name of a backdoor malware targeting macOS operating systems. It is a sophisticated toolkit designed to breach macOS machines. JokerSpy utilizes a combination of Python and Swift programs that possess the capabilities to gather data and execute arbitrary commands on compromised c
Our research team discovered the ChannelLegion application while reviewing new submissions to the VirusTotal website. After examining this app, we determined that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. Its purpose is to gene
Our team has examined securecaptchatop[.]top and determined that its primary objective is to deceive visitors into granting permission to send notifications. The website employs misleading content to persuade visitors to enable notifications. In most cases, users open sites like securecaptchatop[.
After analyzing the LibraryBlog application, we found that it displays annoying advertisements. Apps that function this way are called advertising-supported applications (or adware). Typically, users install adware unknowingly. In addition to showing unwanted ads, LibraryBlog can read sensitive
Our team has discovered that updateinfoacademy[.]com presents a deceptive message with a purpose to deceive visitors into permitting it to send notifications. Furthermore, this website may redirect users to other dubious sites. Users often access sites like updateinfoacademy[.]com unknowingly or u
Super Mario 3 is the name given to a malware infection that infiltrates systems under the guise of a video game from the Super Mario franchise, specifically the fan-made Super Mario 3: Mario Forever game. The trojanized game arrives alongside XMR miner and SupremeBot mining client, and the latter
We discovered the DigitalCommand application while inspecting new submissions to VirusTotal. It operates by running intrusive ad campaigns, and due to this behavior – the app is categorized as adware. DigitalCommand also belongs to the AdLoad malware family. Adware stands for advertising
Our research team found the OperationTool adware-type app during a routine inspection of new submissions to the VirusTotal site. This piece of software belongs to the AdLoad malware family. It is designed to deliver intrusive advertisement campaigns. Adware stands for advertising-support