While inspecting suspicious websites, our researchers found one promoting the Screen Recorder browser extension. It is presented as a tool capable of recording the screen. However, our analysis revealed that Screen Recorder operates as adware instead. Adware stands for advertising-supporte
After analyzing the AssessmentBranded application (which we downloaded from a deceptive website), our team learned that it shows intrusive advertisements. Therefore, we classified AssessmentBranded as adware. Also, this app can read sensitive information. It is strongly recommended not to instal
JiangLocker is a piece of malicious software categorized as ransomware. It is designed to encrypt data and demand ransoms for the decryption. After we launched a sample of JiangLocker on our test system, it began encrypting files and appended their filenames with a ".jiang" extension. For example
After analyzing threecaptcha[.]top, we concluded that it is one of the many untrustworthy pages designed to lure visitors into agreeing to receive notifications. In addition to showing deceptive content, threecaptcha[.]top redirects to scam websites. Thus, threecaptcha[.]top, its notifications, an
After examining stronger-protection[.]com, we found that it is one of the deceptive pages that runs the "McAfee - Your PC is infected with 5 viruses!" and asks for permission to show its notifications. Our team discovered stronger-protection[.]com while studying other shady pages that use rogue ad
Stable-scan[.]com is a rogue webpage that our researchers discovered during a routine inspection of dubious websites. This page is designed to push online scams, promote browser notification spam, and redirect users to other (likely unreliable/malicious) sites. Visitors to pages like stable-scan[
Our researchers discovered the dailysurveyreward[.]online rogue webpage while inspecting dubious sites. It is designed to promote scams, push spam browser notifications, or redirect visitors to other (likely unreliable/malicious) websites. Most users access pages of this kind via redirects caused
Our researchers found a deceptive webpage endorsing the Motorsports Start browser extension while inspecting sites that use rogue advertising networks. This piece of software is presented as a tool capable of providing easy access to updates, results, and the latest news relating to motorsports.
RatMilad is the name of an Android Remote Access Trojan (RAT) with spyware capabilities targeting users in the Middle Eastern. It is known that this malware is distributed via NumRent - a VPN and phone number spoofing application. Previously, RatMilad was hiding behind an app called Text Me. NumR
MafiaWare666 is a piece of malicious software classified as ransomware. Malware within this classification operates by encrypting victims' data (i.e., rendering it inaccessible) and demanding payment for the decryption. Once we launched a sample of this ransomware on our test machine, it began en