While inspecting spam emails, our researchers found one promoting the justpush[.]biz rogue website. This page pushes browser notification spam and redirects visitors to other (likely dubious/malicious) sites. Aside from spam mail, websites like justpush[.]biz are often accessed via redirects caus
While inspecting rogue webpages, our research team found the Search-Monster browser extension. On our test machine, it modified browser settings to promote the searchmonster.net fake search engine. Therefore, Search-Monster is considered to be a browser hijacker. Search-Monster assigns sea
Our research team discovered the ZeRy ransomware-type program while inspecting new submissions to VirusTotal. ZeRy is part of the Xorist ransomware family. On our testing system, this ransomware encrypted files and appended their filenames with a ".ZeRy" extension. To elaborate, a file initially
Basicnetworkpc[.]com is a rogue page that promotes online scams, pushes spam browser notifications, and redirects visitors to different (likely unreliable/hazardous) websites. Our researchers discovered this page while inspecting sites that use rogue advertising networks. In fact, most users ente
Globe Earth is a rogue browser extension that our researchers discovered while looking through suspicious websites. The promotional material states that this extension displays Google Earth images on new browser windows and tabs. However, our analysis revealed that this piece of software operates
Our research team discovered the yourcommonblog[.]com rogue page while looking through dubious websites. It promotes browser notification spam and redirects visitors to different (likely untrustworthy/malicious) sites. Most access webpages like yourcommonblog[.]com via redirects caused by sites u
Our research team found the PrimaryRotator app while investigating new submissions to VirusTotal. After inspecting this piece of software, we determined that it operates as adware and is part of the AdLoad malware family. Adware stands for advertising-supported software. It operates by d
Watch Movies is promoted as a browser extension allowing users to easily search for movies. We tested this app and found that it displays unwanted advertisements. Software that shows annoying ads is called adware. It is uncommon for adware to be downloaded and installed (or added to browsers) on p
While inspecting new submissions to VirusTotal, our researchers discovered a new malicious program called Faust - which belongs to the Phobos ransomware family. On our test machine, Faust ransomware encrypted files and changed their titles. Original filenames were appended with a unique ID, the c
Fate is ransomware (one of the Djvu ransomware variants) designed to encrypt files and change their extension to ".fate". It also creates the "_readme.txt" file that contains a ransom note. We discovered Fate while checking the VirusTotal page for recently submitted malware samples. An example of