Laplas Clipper is the name of a clipper malware that checks the content of the victim's clipboard for cryptocurrency wallets. In the operating system, the clipboard is a temporary memory area in which data is stored while it is processed or transferred. Cybercriminals use clipper malware to replac
Our researchers discovered the CryptBB ransomware-type program while inspecting new submissions to VirusTotal. It is based on the LockBit 3.0 ransomware. Once we launched a sample of CryptBB on our test machine, it began encrypting files and altered their filenames. Original titles were appended
RomCom is the name of a Remote Access Trojan (RAT). Malware categorized as such is designed to enable remote access/control over infected machines. RATs can be highly multifunctional and thus pose a wide variety of threats. It is noteworthy that RomCom has been used in attacks against Ukraine's m
While examining the F**klocker malware, our team learned that it is ransomware designed to encrypt files, modify filenames, and drop a ransom note (the "README.txt" file). We discovered F**klocker while analyzing malware samples submitted to VirusTotal. F**klocker renames files by replacing their
Clicker is the name of a malicious program that targets Android devices. This malware operates akin to advertising-supported software (adware). It generates revenue through advertising. However, Clicker neither displays ads nor causes redirects to various websites. Instead, this piece of malicious
While analyzing various untrustworthy pages, our team discovered an advertising-supported application called PowerAnalytics. The purpose of PowerAnalytics is to display annoying (and untrustworthy) advertisements. It is highly advisable not to have any adware installed on a computer. Cli
While inspecting suspicious websites, our researchers discovered the finishupworld[.]com rogue page. It promotes browser notification spam and redirects visitors to other (likely untrustworthy/harmful) sites. Most users access webpages like finishupworld[.]com via redirects caused by sites that us
Our research team found the OperativeService rogue app while inspecting new submissions to VirusTotal. By analyzing this piece of software, we determined that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. It operates by running int
Our researchers discovered the WARLOCK DARK ARMY malicious program, which is based on the Chaos ransomware, while inspecting new submissions to VirusTotal. After we executed a sample of this ransomware on our testing system, it began encrypting files and changed their names. Original filenames w
While inspecting news-fiyimo[.]com, we found that it displays deceptive content to lure visitors into allowing it to deliver notifications. Also, it redirects to a similar website. Our team discovered news-fiyimo[.]com while examining untrustworthy ads and pages that use rogue advertising networks