DawDropper is a piece of malicious software targeting Android operating systems. It is classified as a dropper - a type of program designed to cause chain infections (i.e., download/install other malware). This dropper has been used to infect devices with various banking trojans. DawDropper's dev
"Summon To Court For Pedophilia" refers to scam emails disguised as court summons issued by governmental bodies. These letters claim that the recipient is accused of activities relating to pedophilia. We have inspected two variants of these spam emails, one in French and the other in Lithuanian, E
While inspecting websites offering "cracked" software, our researchers discovered a rogue browser extension simply titled "Chrome". Many fake extensions may use this name; in general, it is common for dubious software to use the names and graphics of legitimate products and companies. Typically, d
During a routine investigation of suspicious websites, our researcher team found the urgentscanur[.]com rogue page. It hosts deceptive content (scams), promotes spam browser notifications, and redirects users to other (likely untrustworthy or malicious) sites. Most visitors to urgentscanur[.]com
TerminalGenerate is an application that we discovered while inspecting new submissions to VirusTotal. Our analysis of this rogue app revealed that it is adware. Furthermore, TerminalGenerate is part of the AdLoad malware family. Advertising-supported software (adware) is designed to disp
Our researchers discovered a new ransomware-type program belonging to the Phobos family - called FILE. Malware within this category operates by encrypting data in order to demand ransoms for the decryption. After we executed a sample of File ransomware on our test machine, it encrypted files and
Our researchers discovered the estimatorone[.]xyz rogue page during a routine investigation of untrustworthy websites. This webpage runs scams, promotes browser notification spam, and redirects visitors to different (likely unreliable or malicious) sites. Usually, webpages like estimatorone[.]xyz
ResolutionProduct is a rogue application, which our researchers discovered while inspecting new submissions to VirusTotal. After analyzing ResolutionProduct, we determined that it operates as advertising-supported software (adware). Additionally, this app is part of the AdLoad malware family.
While inspecting rogue sites, our research team discovered a scam called the "TeslaStartegy Giveaway". It is a model example of a fake cryptocurrency giveaway. This scheme promises to double the amount of Bitcoin (BTC) or Ethereum (ETH) cryptocurrency that users contribute to it. Instead, the sca
While checking the VirusTotal site for recently submitted malware samples, we discovered Beamed ransomware. This malware encrypts files and appends the ".beamed" extension to filenames. It also creates a text file (named "RIP YO DOCUMENTS.txt") that contains a ransom note. An example of how Beame