SecureAgent is a ransomware-type program that our researchers discovered while reviewing new submissions to VirusTotal. Malware within this classification is designed to encrypt data and demand ransoms for decryption. After we launched a sample of SecureAgent on our testing system, it encrypted t
Our team has examined the Web Image Downloader and found this browser extension shows annoying (intrusive) advertisements. Apps that display ads are classified as adware. Users rarely download and install adware since software of this type is often promoted and distributed using deceptive methods.
While inspecting sites that use rogue advertising networks, our researchers discovered the "McAfee - TROJAN_2022 And Other Viruses Detected" scam. This fake content states that the site visitor's device has multiple infections. It must be emphasized that these claims are fake, and this scam is in
Click-video*[.]com is a group of websites (e.g., click-videov[.]com, click-videot[.]com, click-videom[.]com, click-videok[.]com, and others) that display deceptive messages to lure visitors into agreeing to receive notifications. We discovered these sites while inspecting other questionable pages.
After inspecting the "Abandoned Funds" email, we determined that it is spam. The fake sender is identified as a banker seeking to transfer funds from a deceased client and share them between themselves and the recipient. This spam mail operates as a phishing scam aiming to obtain personally ident
VectorStealer is a malicious program designed to steal sensitive data. It is classified as an information stealer. Typically, stealers run silently in the background to avoid suspicion. Threat actors use various ways to trick users into infecting computers with information-stealing malware.
While checking the VirusTotal page for recently submitted malware samples, we discovered ransomware dubbed FinD0m. The purpose of this malware is to encrypt files. Also, FinD0m drops the "FinD0m.txt" file and appends the ".FinD0m" extension to filenames (e.g., renames "1.jpg" to "1.jpg.FinD0m", "2
Our team has analyzed yourtopleveldefence[.]site and learned that the purpose of this site is to trick visitors into purchasing antivirus software. However, yourtopleveldefence[.]site uses a scare tactic to promote that software - it displays a fake virus warning. Typically, users open such pages
Our team has tested the Word Counter Widget browser extension and found that it displays intrusive advertisements. Thus, we classified Word Counter Widget as adware. Adware is often promoted and distributed using deceptive or other questionable methods. We discovered Word Counter Widget on a shady
Securitypczone[.]site is a rogue site that our research team discovered during a routine investigation of suspicious webpages. At the time of research, it promoted the "Norton Security - Your PC Might Be Infected With Viruses!" scam. This page also pushed spam browser notifications. Additionally,