Hot-investing-news[.]com is a rogue page that we discovered during a routine inspection of suspicious websites. This page is designed to promote deceptive content, push browser notification spam, and redirect visitors to other (likely untrustworthy/dangerous) websites. Most users access webpages
AdjustableBox is a rogue app that we discovered while inspecting new submissions to VirusTotal. Our analysis of this application revealed that it is advertising-supported software (adware). We also determined that AdjustableBox is part of the AdLoad malware family. Adware operates by ena
While reviewing new malware submissions to VirusTotal, our researchers discovered the Masons ransomware-type program. After we executed a sample of Masons on our testing system, it encrypted files and appended their filenames with a ".masons" extension. For example, a file named "1.jpg" appeared
GoogleUpdate is a malicious program that we found after installing a rogue setup downloaded from a deceptive webpage. The installer was also bundled with adware. Therefore, if GoogleUpdate is present on the system – other unwanted or malicious content has likely infiltrated it as well. Aft
While inspecting dubious websites, our researchers discovered the smilerweek[.]com rogue webpage. It operates by pushing spam browser notifications and redirecting visitors to different (likely untrustworthy/malicious) sites. Users typically enter smilerweek[.]com and similar webpages via redirec
Script is ransomware used by cybercriminals to encrypt data and demand payment in exchange for a decryption tool. Our team found that Script is part of the Chaos ransomware family. In addition to encrypting files, Script appends the ".Script" extension to filenames, changes the desktop wallpaper a
While checking the VirusTotal page for recently submitted malware samples, we discovered ransomware belonging to the Djvu family dubbed Erqw. This ransomware encrypts data and appends the ".erqw" extension to filenames. Also, it provides a ransom note (creates the "_readme.txt" file). An example
While checking out untrustworthy websites, our researchers discovered an installation setup bundled with the PrintManager malicious program. Additionally, this installer was packed together with adware. Therefore, if a PrintManager infection is detected – it is likely that other unwanted/malicious
We have analyzed the news-mexobi[.]com page and found that it uses a clickbait technique to trick visitors into permitting it to send notifications. Also, news-mexobi[.]com redirects to other deceptive websites. Thus, this site cannot be trusted. News-mexobi[.]com displays a fake video pla
While inspecting rogue websites, our research team discovered the "Ledger Data Damage Error: 0x0m3Ck8n" phishing scam. It is disguised as the Ledger website and targets users' Ledger-based cryptocurrency wallets. After investigating "Ledger Data Damage Error: 0x0m3Ck8n", we determined that this s