Sex is the name of ransomware based on another ransomware called Chaos. We discovered this ransomware while inspecting malware samples submitted to the VirusTotal website. The purpose of this malware is to encrypt files. Also, Sex appends the ".sex" extension to filenames and drops the "read_it.tx
My Keypro is the name of a rogue browser extension. Our analysis of this piece of software revealed that it operates as a browser hijacker promoting the keysearchs.com fake search engine. Additionally, My Keypro gathers private information. Browser hijackers reassign browsers' default sear
RShell refers to a backdoor-type malware targeting Mac Operating Systems (macOS). Malicious software within this classification can execute commands and is typically used to collect data and infect systems with additional malware. RShell is infiltrated into macOS by trojanized the Chinese-langu
"MultiPlug" and variants of it are detection names used by some security vendors to identify content that operates as advertising-supported software (adware). It is designed to run intrusive advertisement campaigns. In other words, adware displays advertisements on various interfaces. Furthermore,
Smartanswersonline.com is one of the untrustworthy search engines generating misleading results. We discovered smartanswersonline.com after adding a browser hijacker to a web browser. That browser hijacker promotes smartanswersonline.com by making changes in the settings of a web browser.
While inspecting new submissions to VirusTotal, our researchers found another ransomware called Dark. It belongs to the VoidCrypt ransomware family. Once we executed a sample of this ransomware on our test system, it encrypted files and altered their filenames. The file titles were appended with
While analyzing the discoverthebest.co site, we found that it is an untrustworthy search engine. We discovered discoverthebest.co after adding a shady extension to a web browser. That application promotes discoverthebest.co by hijacking a web browser (by changing its settings). Discoverthe
While inspecting dubious installation setups, we found a piece of software promoting the driversgalaxy.co fake search engine. Websites of this kind are promoted by browser hijackers, which achieve this by making alterations to browser settings. While driversgalaxy.co can provide search results, t
While inspecting deceptive websites offering to download "useful" applications, fake installers, etc., we discovered an application called PlatformFormat. While testing this app, we found that it functions as adware - it displays annoying/unwanted and untrustworthy advertisements. Thus, Platform
Qqlo is ransomware that encrypts files and appends the ".qqlo" extension to filenames. It also drops a text file ("_readme.txt") that contains a ransom note. We discovered Qqlo while analyzing malware samples submitted to the VirusTotal web page. Qqlo belongs to a ransomware family called Djvu. A