LODEINFO is a backdoor-type malware capable of causing chain infections and stealing sensitive information from infected devices. As of September 2022, six versions of this program have been detected. The latest variants improve upon the malware's anti-detection/anti-analysis capabilities and have
Our team inspected tabs info browser extension and found that this app is designed to display annoying advertisements. Software that shows ads is called adware. It is common for adware to be distributed (and promoted) using deceptive methods. Therefore, users often install or add apps like tabs in
Our team inspected scantowebprotection[.]online and found that it runs the "McAfee - Your PC is infected with 5 viruses!" scam and asks for permission to show notifications. This page and its notifications are not trustworthy. We discovered scantowebprotection[.]online while examining websites tha
After testing the Streamic application, we learned that it is a browser extension that shows annoying (intrusive) advertisements. Also, it can read and change data on all pages. Apps that display ads are called adware. Adware is often installed and added to browsers by users unintentionally due to
Internalnetworkpc[.]com is a rogue page that our researchers discovered while inspecting dubious websites. The site in question promotes online scams and spam browser notifications. It is also capable of redirecting users to other (likely unreliable/dangerous) webpages. Sites like internalnetwork
While inspecting deceptive software-endorsing websites, our researchers discovered one promoting the Interesting Facts browser extension. This piece of software promises to display brief interesting facts from around the world. However, it also makes modifications to browser settings to promote t
Rar is ransomware - malware that uses encryption to prevent victims from accessing their files. We found that Rar appends the victim's ID, spystar1@onionmail.com email address, and ".Rar" extension to the filenames of all encrypted files. Also, it creates the "Read.txt" file that contains a ransom
While inspecting new submissions to VirusTotal, our researchers found the ZEUS malicious program, which is based on the Chaos ransomware. Once we executed a sample of the ZEUS (Chaos) ransomware on our testing system, it began encrypting files and changed their names. Original filenames were appe
Prime-scanner[.]com is one of the many deceptive websites running the "McAfee - Your PC is infected with 5 viruses!" scam. The purpose of this site is to trick visitors into purchasing legitimate antivirus software. Also, prime-scanner[.]com asks for permission to show notifications. We discovered
While checking out suspicious software promoting sites, our research team discovered the Bookmark Drag and Drop browser extension. It is endorsed as a bookmark management and quick access tool. Our inspection of Bookmark Drag and Drop revealed that it operates as a browser hijacker. This extensio