While investigating deceptive web pages (including sites that offer updates for supposedly outdated software), our team came across LauncherProgress, an application we deemed questionable. Once installed, LauncherProgress began displaying unwanted advertisements, leading us to classify it as adw
Upon analyzing the Infinity V+ New Tab browser extension, we discovered that it takes control of a web browser by altering its settings. The intended function of Infinity V+ New Tab is to promote trovi.com, which is a fake search engine. It is important to note that users rarely purposefully downl
Our team identified the Coza ransomware, which belongs to the Djvu family, while examining samples on VirusTotal. This malware encrypts data and modifies the names of affected files by adding the ".coza" extension. Once the encryption process is finished, a ransom note is left behind in the form o
After examining the NanoAccess application, we discovered that it displays intrusive advertisements. Consequently, we have categorized NanoAccess as adware, which is often distributed through dubious and misleading methods. As a result, unsuspecting users can unintentionally download and install
Our discovery revealed that the Unitab World Clock is a browser extension that takes control of web browsers (hijacks them) to promote search.unitab.me. This website is a fake search engine that does not produce its own search results. Browser hijackers are commonly downloaded and installed by use
After examining this email, our team concluded that it is a fraudulent email that masquerades as a letter from the assistant secretary general of the United Nations. Scammers behind it attempt to lure recipients into providing sensitive information or transferring money. Thus, recipients should ig
During our assessment of the MetroToken application, our team observed that it exhibits intrusive ads. As a result, we classified it as adware or software that supports advertising. Adware is typically installed unintentionally by users. Our detection of MetroToken occurred while examining decep
Upon testing the Sports Madness browser extension, we learned it is a browser hijacker promoting sportmadness.info, a fake search engine. Sports Madness hijacks web browsers by changing their settings. Usually, users download and add browser-hijacking apps inadvertently. Sports Madness is
Pwpdvl is ransomware that our team discovered while checking the VirusTotal site for recently submitted samples. Upon investigating Pwpdvl, we found that it encrypts files, appends the victim's ID and ".pwpdvl" extension to filenames, and creates a ransom note ("RESTORE_FILES_INFO.txt" file). An
Upon analyzing the RichExts application, we have determined that it is a browser extension that is designed to take over web browsers (hijack them). The application alters the browser settings to forcefully push a fake search engine (sweetrnd.net). Furthermore, RichExts possesses the capacity to a