While analyzing the Action Colors application, we learned that it is a browser extension that shows intrusive advertisements and can read and change all data on all web pages. Apps that generate unwanted advertisements are classified as adware. We discovered Action Colors on a shady website offeri
CentralGeo is a piece of rogue software. After we installed this app on our test machine, we learned that it operates as adware. CentralGeo runs intrusive advertisement campaigns, and it might cause redirects and collect private data. Additionally, this application is part of the AdLoad malware
Checkmate is the name of a malicious program classified as ransomware. It is designed to encrypt data and demand payment for the decryption. After we executed a sample of Checkmate on our test machine, it encrypted files and appended their filenames with a ".checkmate" extension. For example, a f
While examining malware samples submitted to the VirusTotal website, we discovered Readlockfiles ransomware that encrypts files. Readlockfiles belongs to the MedusaLocker ransomware family. It not only encrypts files but also renames them by appending the ".readlockfiles" extension to filenames an
After examining HorizonElite, we learned that it is a useless application that generates intrusive advertisements. Apps that show ads are classified as adware. We discovered HorizonElite while analyzing deceptive web pages suggesting that installed software is outdated. This app is distributed v
Watch is the name of ransomware belonging to the Dharma ransomware family. Our team discovered Watch while examining malware samples submitted to the VirusTotal site. The purpose of Watch ransomware is to encrypt files. Additionally, it modifies filenames, displays a pop-up window containing a ran
While inspecting dubious software-promoting websites, our researchers discovered the Filmedia browser extension. This piece of software is endorsed as an easy-access tool for movies. It is supposedly capable of providing the appropriate streaming services when users enter a film's title. However,
brutusptCrypt is a ransomware-type program. It is designed to encrypt data and demand payment for the decryption. When we executed a sample of this malware on our system, we learned that it appends the names of the encrypted files with a ".brutusptCrypt" extension. For example, a file initially ti
PLAY is the name of a ransomware-type program. Malware categorized as such operates by encrypting data and demanding ransoms for the decryption. After we executed a sample of this ransomware on our test machine, it encrypted files and appended their filenames with a ".PLAY" extension. For example
Dracarys is the name of Android spyware - malware that monitors activity and steals sensitive information. This spyware is distributed via fake websites by disguising it as legitimate applications. Trojanized apps have malicious code inserted into them to avoid detection. Dracarys/trojaniz