We discovered the ConnectedField application during a routine inspection of new submissions to VirusTotal. On our test system, this app ran intrusive ad campaigns, and due to this behavior - it is considered to be adware. Additionally, ConnectedField belongs to the AdLoad malware family.
After inspecting the "BRITISH CAMELOT ONLINE LOTTERY" email, we determined that it is spam operating as a phishing scam. It targets personally identifiable information by claiming that it must be provided to claim the lottery prize that the recipient has won. It must be emphasized that these clai
Our team examined pushycaptcha[.]live and learned that it displays a deceptive message to lure visitors into agreeing to receive notifications. Additionally, pushycaptcha[.]live redirects to scam websites. We discovered pushycaptcha[.]live while inspecting websites that use rogue advertising netwo
Our inspection of the "YоuTubе Suppоrt Shared An Item" email revealed that it is spam. Likely targeting users with YouTube accounts, this scam is presented as a notification regarding a copyright-related document shared with the recipients by YouTube Support. It is most probable that the shared f
We inspected this email and found that this is an extortion scam email demanding ransom for not leaking the company's data. Scammers aim to trick recipients into believing that hackers will leak stolen data and damage their reputation if they do not make a payment. This is just a scam. Thus, this
AXLocker is a ransomware-type program. Malware of this type is designed to encrypt data (i.e., render files inaccessible) and demand payment for the decryption tools. Typically, ransomware renames encrypted files - often by appending them with an additional extension. However, on our test machine
After examining this email, we concluded that it is a fake letter from Fifth Third Bank regarding suspicious account activity. Scammers behind this scam email aim to trick recipients into providing sensitive information on a deceptive website. This email should be ignored. This email claim
While inspecting spam emails, our researchers found one promoting the justpush[.]biz rogue website. This page pushes browser notification spam and redirects visitors to other (likely dubious/malicious) sites. Aside from spam mail, websites like justpush[.]biz are often accessed via redirects caus
While inspecting rogue webpages, our research team found the Search-Monster browser extension. On our test machine, it modified browser settings to promote the searchmonster.net fake search engine. Therefore, Search-Monster is considered to be a browser hijacker. Search-Monster assigns sea
Our research team discovered the ZeRy ransomware-type program while inspecting new submissions to VirusTotal. ZeRy is part of the Xorist ransomware family. On our testing system, this ransomware encrypted files and appended their filenames with a ".ZeRy" extension. To elaborate, a file initially