While testing the ProcessorPremiere application, our team noticed that it shows annoying advertisements. Thus, we classified ProcessorPremiere as adware. We also found that ProcessorPremiere can read sensitive information. It is worth mentioning that users rarely download and install adware on p
Our team has examined eredhadbeen[.]xyz and found that it displays a deceptive message to lure visitors into allowing it to show shady notifications. Also, eredhadbeen[.]xyz redirects visitors to other untrustworthy web pages. Typically, users open websites like eredhadbeen[.]xyz unintentionally.
While examining malware samples submitted to the VirusTotal website, our team discovered ransomware belonging to the Phobos family called STEEL. This ransomware encrypts files and appends the victim's ID, codeofhonor@tuta.io email address, and the ".STEEL" extension to filenames. Also, STEEL prov
Our researchers discovered the globaladvdomservices[.]com rogue page while investigating dubious websites. It operates by promoting spam browser notifications, at the time of research, through the use of fake CAPTCHA verification. Additionally, this webpage can redirect visitors to other (likely u
Our research team discovered the InstantFresh app while investigating new submissions to VirusTotal. Our inspection of this application revealed that it is advertising-supported software (adware) belonging to the AdLoad malware family. InstantFresh runs intrusive advertisement campaigns and may
GOGO is a ransomware-type program we discovered while checking out new submissions to VirusTotal. It belongs to the VoidCrypt ransomware family. We executed a sample of GOGO ransomware on our testing system, and we learned that it encrypts files and appends their filenames with a unique ID assign
Our researchers discovered the wholenicefeed[.]com rogue page while inspecting suspicious websites. It operates by promoting spam browser notifications and redirecting visitors to other (likely dubious/malicious) sites. Users typically access webpages like wholenicefeed[.]com via redirects caused
While checking out new submissions to VirusTotal, our researchers found the Covid29 ransomware-type program. Malware within this category aims to extract payment (ransoms) from victims – typically for the decryption of encrypted files. However, Covid29 does not operate in this manner. Several min
Youngmedias[.]biz is one of the websites that display deceptive messages to lure visitors into agreeing to receive notifications from them. Usually, users open such pages inadvertently. We discovered youngmedias[.]biz while inspecting sites that use shady advertising networks. There are at
Our team has tested the App browser extension and found that it functions as a browser hijacker. The purpose of this extension is to promote various fake search engines. Also, the App extension adds the "Managed by your organization" feature to Chrome browsers. We discovered it on a deceptive web