Industrial Spy Market is a piece of malicious software classified as ransomware. Malware within this classification operates by encrypting files to demand payment for the decryption. Typically, ransomware renames the encrypted files, but Industrial Spy Market does not alter filenames. Once the en
While inspecting deceptive download webpages, our researchers found the frame order browser extension. After analyzing this piece of software, we determined that it operates as adware. Advertising-supported software (adware) enables the placement of third-party graphical content (e.g., pop
Our team has examined this email and found that it contains a malicious attachment. The file attached to it infects computers with Agent Tesla - a remote administration Trojan (RAT). This file is disguised as a purchase order document. The email instructs recipients to review the attached
CryptBIT is ransomware that encrypts files, appends the ".cryptbit" extension to filenames, changes the desktop wallpaper, and creates the "CryptBIT-restore-files.txt" file. Our malware researchers have discovered it while analyzing the samples submitted to VirusTotal. An example of how CryptBIT
After examining the email, we found that it is disguised as a letter from Geek Squad, a subsidiary of Best Buy (a consumer electronics corporation). The purpose of this email is to trick recipients into calling the provided number (contacting scammers). It must be ignored. Geek Squad has nothing t
Our research team found the Keep It Smart browser extension while inspecting dubious download sites. Our analysis of this piece of software revealed that it is a browser hijacker promoting the keepitsmart.today fake search engine. Keep It Smart promotes keepitsmart.today by causing redirec
Little-Light is a program (a browser extension) we found while analyzing deceptive pages. It is advertised as an app that can display any page in dark mode. After downloading and installing the app, we discovered that it generates advertisements. Thus, we concluded that Little-Light is an advertis
TeamBot is the name of a malicious program that operates as a dropper. Malware of this type is designed to cause chain infections, i.e., download/install additional malicious programs/components. TeamBot has been observed dropping various information-stealing programs into compromised systems. Ch
Computeradshub[.]com is a website designed to trick visitors into agreeing to receive its notifications. Also, it can redirect visitors to other (similar) pages. Our team has discovered computeradshub[.]com while analyzing pages that use rogue advertising networks. Computeradshub[.]com dis
Our team has discovered an application named AdvancedControl while inspecting a deceptive page offering to update the Adobe Flash Player. After installing and examining AdvancedControl, we found that this app operates as adware - it displays unwanted/intrusive advertisements. Clicking on