Our research team discovered the BoY ransomware-type program while reviewing new submissions to VirusTotal. This malicious program is part of the Xorist ransomware family. Malware within this classification operates by encrypting data and demanding payment for decryption. On our test machine, BoY
Our team has tested the LifeProxy application and found that it operates as adware. While installed, LifeProxy displays unwanted advertisements. Also, this app can read sensitive information. Most users download and install adware unknowingly since it is often promoted and distributed using shad
While analyzing q3rrassa[.]click, we learned that it runs the "McAfee - Your PC is infected with 5 viruses!" scam. This page uses a scare tactic to trick visitors into believing that their computers are infected and purchasing a legitimate antivirus solution. Also, q3rrassa[.]click asks for permis
After examining the Page Links Loader browser extension, our team determined that it is an advertising-supported application (adware) - it shows annoying advertisements. We discovered Page Links Loader on a shady website. Users often download and install or add adware inadvertently. Page L
After investigating the "Your Account Failed To Update" email, we determined that it is spam. This letter operates as a phishing scam seeking to extract the recipient's email account log-in credentials. The mail achieves this by falsely claiming that the recipient's account could not be updated.
After examining this email, we concluded that this is a fake email regarding a statement of account. It has a malicious PDF document attached to it. Cybercriminals behind this email aim to lure recipients into downloading and executing malware called Rhadamanthys. This email encourages rec
During a routine inspection of suspicious websites, our researchers discovered a page promoting the Tabs Organizer browser extension, wherein it is endorsed as an adblocker. Although, in the extension's description, this software is presented as a browser tab, bookmark, and history navigation opti
While checking out new submissions to VirusTotal, our researchers discovered the 725 ransomware. Evidence suggests that this malicious program could have been developed by the threat actors behind 32T ransomware. After we executed a sample of 725 on our test machine, it encrypted files and append
"Your Email Has Reached An Upgrade Stage Scam" refers to an email spam campaign. Our analysis of a letter belonging to this campaign revealed that it operates as a phishing scam. This spam mail aims to extract recipients' email account log-in credentials by claiming that their accounts will be clo
WebAge is the name of a rogue piece of software that we discovered while checking out new submissions to VirusTotal. After analyzing this application, we learned that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. It operates by dis