Minas is the name of a cryptocurrency mining malware. It is based on the legitimate XMRIG application designed to mine Monero cryptocurrency. Malware within this classification puts enormous strain on infected machines – thus endangering system and hardware health. Minas employs multiple t
Our researchers discovered the akice.co[.]in rogue site during a routine inspection of untrustworthy websites. It is designed to promote browser notification spam and, at the time of research, used fake CAPTCHA verification for this purpose. Additionally, this page can redirect visitors to differe
While investigating dubious webpages, our researchers discovered the Best Wallpapers browser extension. It is endorsed as a tool that displays browser wallpapers. After installing this extension on our test machine, we learned it is a browser hijacker. Best Wallpapers modifies browser settings to
Our research team discovered the DoubleCache application while investigating new submissions to VirusTotal. After analyzing this piece of software, we determined that it is adware. It is worth noting that DoubleCache is part of the AdLoad malware family. Adware stands for advertising-sup
Adfuhbazi is a ransomware-type program that our researchers discovered while reviewing new submissions to the VirusTotal website. This malicious program is part of the Snatch ransomware family. On our testing system, Adfuhbazi encrypted files and appended their filenames with a ".adfuhbazi" exten
Upon examining online-deal[.]click, we found that it is a deceptive website running a scam similar to "Your PC is infected with 5 viruses!". Additionally, online-deal[.]click wants to show notifications. We discovered online-deal[.]click while inspecting various pages that use rogue advertising ne
In our examination of pages associated with dubious advertising networks, we encountered checkrobotpage[.]online. Our findings revealed that this website uses a clickbait strategy to mislead visitors into granting notification permission and redirects them to fraudulent websites. Therefore, it is
JSOutProx is a JScript-based Remote Access Trojan (RAT). Malware within this classification operates by enabling remote access and control over infected machines. RATs tend to be highly multifunctional pieces of software capable of performing various actions. JSOutProx has been in use since at le
ObserverStealer is an information-stealing malware. It is available for purchase at a price of $150 per month, targeting Windows operating systems from Windows 8.1 to Windows 11. The creators of ObserverStealer claim that the malware is still in Beta, indicating ongoing development and potential f
Securecaptcha[.]top is a rogue page that promotes browser notification spam and redirects visitors to other (likely untrustworthy/malicious) sites. Our research team discovered this webpage while investigating suspicious websites. Most visitors to pages like securecaptcha[.]top access them via re