ExperienceSys is a rogue app that we discovered while investigating new submissions to the VirusTotal website. Our analysis of this application revealed that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. It is designed to feed user
"Your Account Has Been Temporarily Disabled" is a phishing email. This mail aims to trick recipients into disclosing the email account log-in credentials by falsely claiming that their account has been blocked for the time being. The spam email with the subject "Fix Error Authentication Pr
Our research team discovered the DogsFan extension while investigating suspect websites. This piece of software displays browser wallpapers featuring canines. However, after examining this browser extension, we learned that it modifies browser settings in order to promote the goog.dogsfanext.com
Our analysis of the "Account Violation Detected" email revealed that it is spam. This letter makes false claims regarding violations of the recipient's email account. The aim of this phishing mail is to trick users into disclosing their log-in credentials. The email with the subject "Final
TradeAero is a rogue application discovered by our researchers during a routine inspection of new submissions to VirusTotal. After examining this app, we determined that it is advertising-supported software (adware) belonging to the AdLoad malware family. Adware is designed to feed users
Following a thorough analysis of FeedWild, our team has concluded that its main purpose is to show disruptive advertisements to users. These types of applications are classified as adware. It is crucial to emphasize that apps like FeedWild are often downloaded and installed without users' knowle
During our examination of Your Best World News Extension, it became clear that its purpose is to act as a browser hijacker (to promote search.best-news-world.com, a deceptive search engine). Your Best World News Extension modifies the settings of the web browser to force users to use search.best-n
Our researchers found the Dancing Tubes browser extension during a routine inspection of dubious websites. After analyzing this extension, we determined that it operates by hijacking browsers. Dancing Tubes makes alterations to browser settings in order to promote (via redirects) the search.danci
While examining malware samples submitted to VirusTotal, our team came across Wspn, a Djvu ransomware family member. Wspn's main objective is to encrypt files, and it also modifies filenames by adding the ".wspn" extension. Furthermore, it creates a ransom note named "_readme.txt". As an example,
In our investigation of Gradient Blobs, we discovered that this extension operates as a browser hijacker. Our findings revealed that its primary aim is to endorse search.gradientblobs.net, a deceptive search engine. Gradient Blobs accomplishes this by altering the settings of a web browser.