"MultiPlug" and variants of it are detection names used by some security vendors to identify content that operates as advertising-supported software (adware). It is designed to run intrusive advertisement campaigns. In other words, adware displays advertisements on various interfaces. Furthermore,
Smartanswersonline.com is one of the untrustworthy search engines generating misleading results. We discovered smartanswersonline.com after adding a browser hijacker to a web browser. That browser hijacker promotes smartanswersonline.com by making changes in the settings of a web browser.
While inspecting new submissions to VirusTotal, our researchers found another ransomware called Dark. It belongs to the VoidCrypt ransomware family. Once we executed a sample of this ransomware on our test system, it encrypted files and altered their filenames. The file titles were appended with
While analyzing the discoverthebest.co site, we found that it is an untrustworthy search engine. We discovered discoverthebest.co after adding a shady extension to a web browser. That application promotes discoverthebest.co by hijacking a web browser (by changing its settings). Discoverthe
While inspecting dubious installation setups, we found a piece of software promoting the driversgalaxy.co fake search engine. Websites of this kind are promoted by browser hijackers, which achieve this by making alterations to browser settings. While driversgalaxy.co can provide search results, t
While inspecting deceptive websites offering to download "useful" applications, fake installers, etc., we discovered an application called PlatformFormat. While testing this app, we found that it functions as adware - it displays annoying/unwanted and untrustworthy advertisements. Thus, Platform
Qqlo is ransomware that encrypts files and appends the ".qqlo" extension to filenames. It also drops a text file ("_readme.txt") that contains a ransom note. We discovered Qqlo while analyzing malware samples submitted to the VirusTotal web page. Qqlo belongs to a ransomware family called Djvu. A
Our research team discovered the Qqlc ransomware-type program during a routine investigation of new submissions to VirusTotal. It is yet another program belonging to the Djvu ransomware family. After we executed a sample of this malware on our test machine, it encrypted files and appended their f
While checking the VirusTotal page for recently submitted malware samples, we discovered a new Djvu ransomware called Qqmt. Malware of this type encrypts files to force victims to pay for a decryption tool. Usually, ransomware also provides a ransom note and modifies filenames. Qqmt drops the "_re
While testing the AssistSample application, we found that it shows annoying advertisements. Apps of this type are classified as adware (advertising-supported software). Our team discovered the AssistSample app while examining a deceptive website designed to download a fake Adobe Flash Player ins