Dom is a ransomware-type program that our research team discovered while checking out new submissions to VirusTotal. Programs of this kind operate by encrypting data and demanding payment for the decryption tools. Once we executed a sample of Dom on our test machine, it began encrypting files and
While inspecting untrustworthy sites, our researchers discovered the newspoldays[.]site rogue webpage. It pushes browser notification spam with the use of fake CAPTCHA, and newspoldays[.]site can redirect users elsewhere (likely unreliable/malicious websites). Most visitors to notification-spam-p
Inlock is ransomware that encrypts files, appends the ".inlock" extension to filenames, changes the desktop wallpaper, and creates the "READ_IT.txt" file that contains a ransom note. The purpose of Inlock is to prevent victims from accessing their files. Our team discovered this ransomware while i
Mobile apps Group is an adware family targeting Android operating systems. The name is based on the developer account on Google Play - from which the adware-type apps originate. Said account has been noted for previous questionable/malicious activity and has over one million app downloads to its n
While inspecting ActiveAnalyzer application, our team observed that it shows annoying advertisements. Software that shows ads on computers is called adware. We discovered ActiveAnalyzer after using a fake installer (disguised as the installer for Adobe Flash Player) downloaded from a deceptive w
AdvantageMethod is a piece of rogue software that our researchers found while investigating new submissions to VirusTotal. After we inspected this application, we determined that it operates as adware. It is noteworthy that AdvantageMethod is part of the AdLoad malware family. Adware is
While checking out new submissions to VirusTotal, our research team discovered a ransomware-type program called Anon_by. Malware within this classification encrypts data and demands ransoms for the decryption tools. After we launched a sample of this ransomware on our test machine, it began encry
Our team examined daphomost[.]com and learned that it shows a deceptive message (uses a clickbait technique) to lure visitors into allowing it to display notifications. It was also found that daphomost[.]com redirects to other untrustworthy pages. This is an untrustworthy page that should be ignor
Our team has investigated this email and found that it is sent by scammers who seek to lure recipients into providing sensitive information. It contains a link to a deceptive website asking to provide login credentials. Such emails are called phishing emails. This email is disguised as a l
Feg is one of the Xorist ransomware variants. It encrypts files and renames them (by appending the ".feg" extension to filenames). Also, Feg creates a ransom note (the "КАК РАСШИФРОВАТЬ ФАЙЛЫ.txt" file) and displays a pop-up window with the same text as the ransom note. Our malware researchers di