Our inspection of the "Mailbox Software Update" email revealed that it is spam. Emails belonging to this campaign operate as phishing scams targeting mail account log-in credentials. The spam letters make false claims about a pending update to the email account and promote a phishing website prese
While examining the Image Downloader browser extension, we found that it displays unwanted advertisements. We discovered Image Downloader on a deceptive web page. Apps that show annoying ads are classified as adware. Users often download and install (or add) advertising-supported software unintent
Adblock Web is a rogue browser extension that we discovered while inspecting suspicious websites. It promises to block advertisements, but instead of blocking them - this extension displays ads. Hence, Adblock Web is classified as advertising-supported software (adware). Adware can display
FractionControl is a rogue app that our research team discovered while inspecting new submissions to VirusTotal. Our inspection of this application revealed that it operates as adware. It is pertinent to mention that FractionControl is part of the AdLoad malware family. Adware is designe
After inspecting the "Netflix - We've Suspended Your Membership" email, we determined that it is fake. This spam letter informs recipients that their Netflix membership has been suspended, and the payment information needs to be renewed to prevent the subscription from expiring. By using these fak
We examined mydailysecurityguard[.]site and found that this page runs the "Norton Security - Your PC might be infected with viruses!" scam and asks for permission to show shady notifications. We encountered this site while inspecting pages that use rogue advertising networks. Users do not visit we
Fake "System Update" RAT - refers to a Remote Access Trojan (RAT) targeting Android devices, which is often disguised as an application offering system updates. However, it must be mentioned that this trojan has been observed using another disguise - an app supposedly providing news and live broad
MEOW is ransomware based on other ransomware called CONTI. MEOW encrypts files and appends the ".MEOW" extension to their filenames. It also drops the "readme.txt" file (a ransom note). An example of how MEOW ransomware modifies filenames: it renames "1.jpg" to "1.jpg.MEOW", "2.png" to "2.png.MEOW
Doenerium is an information stealer masquerading as Windows Malicious Software Removal Tool. This malware targets cryptocurrency wallets, Internet browsers, clipboard data, and system information. Also, the malware author uses Doenerium to mine cryptocurrency on computers attacked by threat actors
While inspecting new submissions to VirusTotal, our researchers discovered the OBZ ransomware-type program that is identical to U2K and MME. After we executed a sample of OBZ on our testing system, it encrypted files and appended their filenames with a ".OBZ" extension. For example, a file initia