Our research team discovered the "Norton Security - Your PC Might Be Infected With Viruses!" scam while inspecting rogue webpages. This scheme claims that the device might be infected since the Norton AntiVirus subscription has expired. However, these statements are false, as no website can detec
Zxcvb is ransomware belonging to the Dharma family. We discovered Zxcvb while analyzing malware samples submitted to the VirusTotal website. This ransomware encrypts files and appends the victim's ID, paymoney@onionmail.org email address, and the ".zxcvb" extension to filenames. Also, Zxcvb displ
Qqkk is ransomware that our team discovered while examining malware samples submitted to VirusTotal. We learned that Qqkk belongs to the Djvu ransomware family. It prevents victims from accessing files by encrypting them, appends the ".qqkk" extension to filenames, and drops the "_readme.txt" file
Our researchers found the CoordinatorOptimization application during a routine investigation of new submissions to VirusTotal. After analyzing this piece of software, we determined that it operates as adware. In other words, CoordinatorOptimization runs intrusive advertisement campaigns and may
While inspecting new submissions to VirusTotal, our research team discovered the KOPYTZEMPEREEBET ransomware. We executed a sample of this malware on our test machine, and it encrypted files and appended their filenames with a ".KOPYTZEMPEREEBET" extension. For example, a file named "1.jpg" appea
Our research team discovered the Aurora malware while looking through hacker forums. Its developers advertise Aurora as a multifunctional piece of malicious software. The program's promotional material states that it operates as a RAT (Remote Access Trojan), botnet, stealer, clipper, and data-encr
Qqjj is ransomware (belonging to the Djvu ransomware family) designed to encrypt files and change their extension to ".qqjj". It also drops the "_readme.txt" file (a ransom note) on the desktop. Our malware researchers discovered Qqjj while checking the VirusTotal page for recently submitted malwa
During a routine inspection of new submissions to VirusTotal, our research team found the SurplusStatus rogue application. Our analysis revealed that SurplusStatus is advertising-supported software (adware). Furthermore, SurplusStatus is part of the AdLoad malware family. It is noteworth
While analyzing captchaless[.]top, we found that this page is created to trick visitors into agreeing to receive notifications. The purpose of this site is to promote other untrustworthy websites and apps. Our team discovered captchaless[.]top while inspecting sites that use rogue advertising netw
SmartRecord is a rogue app that we discovered while looking through new submissions to VirusTotal. After analyzing this piece of software, we determined that it is adware. Additionally, it is noteworthy that SmartRecord is part of the AdLoad malware family. Advertising-supported software