Our researchers discovered the MainHandler app while inspecting new submissions to VirusTotal. An investigation of this software revealed that it is adware belonging to the AdLoad malware family. MainHandler operates by displaying various advertisements, and it may have other harmful abilities.
During the analysis of malware samples submitted to VirusTotal, our team of malware experts discovered Coty - ransomware belonging to the Djvu family. Coty encrypts data, adds the ".coty" extension to the filenames, and creates a ransom note named "_readme.txt". An example of how Coty modifies fi
BinaryOptimizer is a rogue application that our research team discovered while inspecting new submissions to VirusTotal. After analyzing this app, we determined that it is adware. It is also pertinent to mention that BinaryOptimizer belongs to the AdLoad malware family. Adware stands for
Greatcaptchanow[.]top and the variants of this domain as well as those related to it (e.g., greatcaptchasnow[.]top, etc.) belong to rogue websites, which we discovered during a routine inspection of untrustworthy sites. These pages are designed to host questionable content and promote browser not
LockBit is the name of a ransomware targeting Mac Operating Systems (OSes). It is associated with the LockBit ransomware gang – the developers of LockBit, LockBit 2.0, LockBit 3.0, and various other variants. The aforementioned malware target Windows, Linux, and VMware ESXi servers. At the time
Recov is ransomware belonging to the VoidCrypt family. Our malware researchers discovered Recov while examining malware samples submitted to VirusTotal. They found that Recov encrypts data, modifies filenames, and drops a ransom note ("Dectryption-guide.txt"). Recov appends the victim's ID, an em
Goldoson is an Android malware that compiles a list of installed applications and records the history of Wi-Fi and Bluetooth devices, including GPS locations in close proximity. Additionally, the software includes a feature that allows it to engage in ad fraud by clicking on ads in the background
While investigating deceptive web pages (including sites that offer updates for supposedly outdated software), our team came across LauncherProgress, an application we deemed questionable. Once installed, LauncherProgress began displaying unwanted advertisements, leading us to classify it as adw
Upon analyzing the Infinity V+ New Tab browser extension, we discovered that it takes control of a web browser by altering its settings. The intended function of Infinity V+ New Tab is to promote trovi.com, which is a fake search engine. It is important to note that users rarely purposefully downl
Our team identified the Coza ransomware, which belongs to the Djvu family, while examining samples on VirusTotal. This malware encrypts data and modifies the names of affected files by adding the ".coza" extension. Once the encryption process is finished, a ransom note is left behind in the form o