Our researchers discovered a new ransomware-type program belonging to the Phobos family - called FILE. Malware within this category operates by encrypting data in order to demand ransoms for the decryption. After we executed a sample of File ransomware on our test machine, it encrypted files and
Our researchers discovered the estimatorone[.]xyz rogue page during a routine investigation of untrustworthy websites. This webpage runs scams, promotes browser notification spam, and redirects visitors to different (likely unreliable or malicious) sites. Usually, webpages like estimatorone[.]xyz
ResolutionProduct is a rogue application, which our researchers discovered while inspecting new submissions to VirusTotal. After analyzing ResolutionProduct, we determined that it operates as advertising-supported software (adware). Additionally, this app is part of the AdLoad malware family.
While inspecting rogue sites, our research team discovered a scam called the "TeslaStartegy Giveaway". It is a model example of a fake cryptocurrency giveaway. This scheme promises to double the amount of Bitcoin (BTC) or Ethereum (ETH) cryptocurrency that users contribute to it. Instead, the sca
While checking the VirusTotal site for recently submitted malware samples, we discovered Beamed ransomware. This malware encrypts files and appends the ".beamed" extension to filenames. It also creates a text file (named "RIP YO DOCUMENTS.txt") that contains a ransom note. An example of how Beame
AllocateClassics is an advertising-supported application designed to show advertisements. Our team discovered this app while checking out deceptive pages instructing visitors to update supposedly outdated software with a fake Adobe Flash Player installer. AllocateClassics is not a trustworthy ap
Our researchers discovered the antivirus-defence[.]com while investigating dubious sites. It operates by promoting deceptive material (scams), pushing browser notification spam, and redirecting visitors to other (likely untrustworthy/malicious) websites. Most users enter such pages through redire
img book is the name of a browser extension that is described as a tool allowing users to see all images on websites. While testing this app, we noticed that it displays intrusive advertisements. Therefore, we classified img book as adware. It is worth mentioning that this application is promoted
OrionRound is a piece of rogue software that our research team found during a routine inspection of new submissions to VirusTotal. Our analysis of this application revealed that OrionRound is adware belonging to the AdLoad malware family. Adware enables the placements of intrusive ads on
Severalsituations[.]click is an untrustworthy (deceptive) web page that displays deceptive content. It runs a scam similar to "McAfee - Your PC is infected with 5 viruses!". Also, it asks for permission to deliver notifications. Our researchers discovered this site while checking out websites that