Our researchers discovered the Saving Files browser extension while inspecting dubious software promoting websites. This piece of software is promoted as a download management tool. However, our analysis revealed that Saving Files operates as adware instead. Adware stands for advertising-s
"Ads Blocker" (appeared as "Ads Blocker V16.1" on our testing machine) is a piece of malicious software targeting Android Operating Systems (OSes). This malware is capable of hijacking the device's calendar and overlaying browsers. "Ads Blocker" aims to promote a wide variety of rogue, scam, and m
Summer Locker is ransomware that prevents victims from using their files by encrypting them. Also, it appends the ".summer" extension to filenames. Summer Locker provides two ransom notes: one of them is displayed in a pop-up window and the second one is in the "___RECOVER__FILES__.summer.txt" fil
Week-tale[.]xyz is a deceptive website designed to lure visitors into granting it permission to show notifications. Also, it can redirect to a scam website (and possibly other untrustworthy pages). Our team discovered week-tale[.]xyz while examining illegal movie streaming pages, torrent sites, an
LinkRoot is the name of a rogue application that our researchers discovered while investigating new submissions to VirusTotal. After inspecting this piece of software, we learned that it operates as adware. Additionally, LinkRoot belongs to the AdLoad malware family. Adware is designed t
While testing UnitDisplay, we found that it is an advertising-supported application that shows annoying (intrusive) advertisements. In addition to displaying ads, UnitDisplay may be capable of gathering information. We discovered this app after downloading a fake installer from a deceptive websi
While inspecting new malware submissions to VirusTotal, our researchers discovered the HORNET ransomware. It is designed to encrypt data and make ransom demands for decryption. After we executed a sample of HORNET on our test machine, it began encrypting files and displayed a fake Windows OS upda
While examining advertizementtoyou[.]com, our team learned that this page is designed to lure visitors into agreeing to receive notifications. Advertizementtoyou[.]com uses a clickbait technique to obtain permission to deliver notifications. It also redirects to other websites. Advertizeme
After testing the Secure Audio Relay application, we learned that it bombards users with intrusive advertisements. Software of this type is called adware. Our team discovered Secure Audio Relay on a shady website. It is common for adware to be promoted and distributed using questionable (often dec
Our research team found the track-scanner[.]com rogue page during a routine inspection of questionable websites. It is designed to host online scams, promote browser notification spam, and redirect visitors to other (likely untrustworthy/malicious) webpages. Most users enter sites like track-scan