ThinDev is a rogue application, which our analysis revealed to be advertising-supported software (adware). It operates by running intrusive advertisement campaigns. Additionally, ThinDev belongs to the AdLoad malware family. Adware displays third-party graphical content (e.g., pop-ups, b
Our team investigated myhypenews[.]com and found that it displays a deceptive message to lure visitors into agreeing to receive its notifications. We discovered myhypenews[.]com while examining sites that use rogue advertising networks (display shady ads and redirect to pages like myhypenews[.]com
While analyzing various deceptive websites, our team discovered an application named TemplateFrame. After installing and testing this app, we found that it generates advertisements. Therefore, we classified TemplateFrame as adware. Clicking on advertisements displayed by TemplateFrame ca
LODEINFO is a backdoor-type malware capable of causing chain infections and stealing sensitive information from infected devices. As of September 2022, six versions of this program have been detected. The latest variants improve upon the malware's anti-detection/anti-analysis capabilities and have
Our team inspected tabs info browser extension and found that this app is designed to display annoying advertisements. Software that shows ads is called adware. It is common for adware to be distributed (and promoted) using deceptive methods. Therefore, users often install or add apps like tabs in
Our team inspected scantowebprotection[.]online and found that it runs the "McAfee - Your PC is infected with 5 viruses!" scam and asks for permission to show notifications. This page and its notifications are not trustworthy. We discovered scantowebprotection[.]online while examining websites tha
After testing the Streamic application, we learned that it is a browser extension that shows annoying (intrusive) advertisements. Also, it can read and change data on all pages. Apps that display ads are called adware. Adware is often installed and added to browsers by users unintentionally due to
Internalnetworkpc[.]com is a rogue page that our researchers discovered while inspecting dubious websites. The site in question promotes online scams and spam browser notifications. It is also capable of redirecting users to other (likely unreliable/dangerous) webpages. Sites like internalnetwork
While inspecting deceptive software-endorsing websites, our researchers discovered one promoting the Interesting Facts browser extension. This piece of software promises to display brief interesting facts from around the world. However, it also makes modifications to browser settings to promote t
Rar is ransomware - malware that uses encryption to prevent victims from accessing their files. We found that Rar appends the victim's ID, spystar1@onionmail.com email address, and ".Rar" extension to the filenames of all encrypted files. Also, it creates the "Read.txt" file that contains a ransom