Our research team discovered the aguhoa[.]com rogue page while inspecting dubious websites. This webpage runs scams, promotes browser notification spam, and redirects users to other (likely deceptive/malicious) sites. Most visitors to webpages like aguhoa[.]com access them via redirects caused by
Zerobot is a piece of malicious software written in the Go programming language. Zerobot has botnet capabilities, which have been observed in use to launch DDoS (Distributed Denial-of-Service) attacks. This program is a cross-platform malware capable of infecting Windows and Linux operating system
After downloading and installing DominantDisplay, we noticed that this app displays unwanted advertisements. Thus, we classified DominantDisplay as adware (advertising-supported software). Our team discovered DominantDisplay while browsing shady websites offering to install software updates, use
During a routine inspection of new malware submissions to VirusTotal, our research team found the Lucknite (ETH) ransomware. Programs within this classification are designed to encrypt data and demand payment for the decryption tools. After being executed on our test machine, Lucknite (ETH) encry
Truebot, also known as Silence.Downloader, is a malicious program that has botnet and loader/injector capabilities. This malware can add victims' devices to a botnet and cause chain system infections (i.e., download/install additional malicious programs/components). There is significant variation
Our team has examined vividcaptcha[.]top and found that it displays a deceptive message to trick visitors into allowing it to show notifications. Also, vividcaptcha[.]top redirects visitors to a scam website. We discovered vividcaptcha[.]top while visiting pages that use rogue advertising networks
When we installed a fake Adobe Flash Player updater on our testing system, we found that it was bundled with the ProvidedSearch Rogue application. This app ran intrusive advertisement campaigns, and due to this behavior – it is categorized as adware. Additionally, we learned that ProvidedSearch
We have investigated myreqdcompany[.]com and discovered that it shows a deceptive message to lure visitors into agreeing to receive notifications. Also, myreqdcompany[.]com redirects to other websites of this type. Our team discovered myreqdcompany[.]com while inspecting pages that use rogue adver
Juli is ransomware belonging to the VoidCrypt family. We discovered this ransomware variant while inspecting malware samples submitted to VirusTotal. Juli encrypts files, appends the victim's ID, juli1990@mailfence.com email address, and the ".Juli" extension to filenames, and drops the "unlock-in
Our team has discovered a new Djvu ransomware variant called Maos while examining malware samples submitted to the VirusTotal site. Maos encrypts files and appends the ".maos" extension to filenames. It also provides a ransom note (creates a text file named "_readme.txt"). An example of how Maos