During a routine inspection of new submissions to VirusTotal, our researchers discovered a ransomware called CRPT. We determined that this malicious program is part of the VoidCrypt ransomware family. After we executed a sample of CRPT on our test machine, it encrypted files and altered their tit
While examining this email, we learned that it is sent by scammers who aim to trick recipients into calling a fake support number. Scammers behind it claim that recipients have been charged a specified amount of money for the Windows Defender Advanced Threat Protection subscription. They disguised
Quick Online Recipes is a rogue browser extension that our researchers discovered while investigating suspicious software-promoting webpages. This extension is presented as an easy-access tool for food recipes and other cooking-related content. Our analysis of this piece of software revealed that
While testing the IntranetLookup application, we found that it is an advertising-supported application - it shows annoying advertisements. Typically, users install such apps inadvertently. Our team discovered this IntranetLookup on a deceptive website claiming that the Adobe Flash Player is out
Our researchers found the JourneyDrive application while inspecting new submissions to VirusTotal. After analyzing this app, we learned that it operates as adware and belongs to the AdLoad malware family. Adware is designed to enable the placement of third-party graphical content (variou
ZeNyA is ransomware belonging to a ransomware family called Xorist. We discovered ZeNyA while checking the VirusTotal page for recently submitted malware samples. ZeNyA encrypts files and appends its extension (".ZeNyA" to filenames. Also, it shows an error window and creates the "HOW TO DECRYPT F
After examining scanuralerts[.]com, we learned that it is a deceptive website running the "McAfee - Your PC is infected with 5 viruses!" scam. Also, it asks for permission to deliver notifications. Our team discovered scanuralerts[.]com while inspecting websites that use rogue advertising networks
Our research team discovered the AccessibleInput application while investigating new submissions to VirusTotal. After analyzing this app, we determined that it operates as adware and is part of the AdLoad malware family. Adware stands for advertising-supported software. It is designed to
While investigating suspicious websites, our researchers discovered the "Avira - Your System Was Corrupted" scam. It claims that the visitor's device is infected and urges them to perform a scan. It must be emphasized that this scam is in no way associated with either the Avira anti-virus or Avira
While inspecting suspect software-promoting websites, our research team found the Dood Colors browser extension. This piece of rogue software promises to allow users to change webpage background colors. After analyzing Dood Colors, we determined that it operates as advertising-supported software (