After testing the Secure Audio Relay application, we learned that it bombards users with intrusive advertisements. Software of this type is called adware. Our team discovered Secure Audio Relay on a shady website. It is common for adware to be promoted and distributed using questionable (often dec
Our research team found the track-scanner[.]com rogue page during a routine inspection of questionable websites. It is designed to host online scams, promote browser notification spam, and redirect visitors to other (likely untrustworthy/malicious) webpages. Most users enter sites like track-scan
While inspecting new submissions to VirusTotal, our researchers found the ClutchTrend application. Our analysis revealed that this app operates as advertising-supported software (adware). Furthermore, it is pertinent to mention that ClutchTrend is part of the AdLoad malware family. Adwar
Bestshoppingresults.com is the address of a fake search engine. Websites of this kind are promoted by browser-hijacking software. It modifies browser settings in order to cause redirects to illegitimate search engines. Furthermore, browser hijackers and the sites they promote usually collect priva
DataBankasi is a piece of malicious software categorized as ransomware. It is designed to encrypt data and demand ransoms for decryption. After we executed a sample of DataBankasi on our test system, this ransomware encrypted files and appended their filenames with a ".databankasi" extension. For
Spartan Hack is the name of ransomware based on another ransomware called Chaos. We discovered it while examining malware samples submitted to the VirusTotal website. The purpose of Spartan Hack is to encrypt files (to make them inaccessible for victims). Also, Spartan Hack renames files, changes
ExplorerIndex is an advertising-supported application. The purpose of this application is to generate intrusive advertisements. Usually, adware is promoted and distributed using deceptive methods. We discovered ExplorerIndex while inspecting deceptive websites suggesting that the Adobe Flash Pla
"Windows Defender email scam" refers to spam emails disguised as messages regarding a contract renewal for "Windows Defender". It must be emphasized that these letters are fake and in no way associated with the Microsoft Defender Antivirus (formerly named Windows Defender) or its developers - the
RokRAT is the name of a Remote Administration Trojan (RAT). Cybercriminals use RATs to access infected computers remotely and perform malicious tasks. RATs allow them to achieve almost any objective on the infected system. Usually, RATs are used to drop additional payloads (inject other malware) o
888 (also known as LodaRAT and Gaza007) is a Remote Access Trojan (RAT) targeting Android operating systems. Trojans of this type enable remote access/control over infected devices. Initially, the 888 RAT's developers offered this piece of malicious software for sale as Windows OS (Operating Syst