Our research team discovered the Mega Colors browser extension while inspecting questionable software-promoting webpages. This extension is endorsed as a tool capable of changing website background colors. Our analysis of Mega Colors revealed that it operates as advertising-supported software (adw
HIP1 is a ransomware-type program that our researchers discovered while inspecting new submissions to VirusTotal. This malicious program belongs to the VoidCrypt ransomware family. When we launched a sample of HIP1 on our test system, it encrypted files and appended their filenames with a unique
During a routine investigation of new submissions to VirusTotal, our researchers discovered the LevelNight rogue application. After analyzing this app, we determined that it works as advertising-supported software (adware). Furthermore, it is noteworthy that LevelNight is part of the AdLoad malw
"Google Docs email scam" refers to scam campaigns that contain phishing attachments claiming to allow access to securely-stored files on Google Docs. The documents attached to these scam letters promote phishing websites, which typically target email account log-in credentials. The invoice-relate
While inspecting untrustworthy sites, our research team found the mytopwords[.]com rogue webpage. It is designed to deceive visitors into enabling spam browser notification delivery. Additionally, this site can lead users to other (likely unreliable/hazardous) websites. Pages like mytopwords[.]co
"UltraViewer Tech Support Scam" refers to technical support scams facilitated through the use of the UltraViewer application. UltraViewer is a legitimate remote access software which allows users to connect and control systems over a distance. Tech support scammers rely on such programs to gain a
Video Downloader is a rogue browser extension that promises to allow users to download videos off of popular platforms. Our researchers discovered this piece of software while inspecting dubious download webpages. After analyzing the Video Downloader extension, we determined that it is adware.
Our researchers discovered the Lavasky malicious program, which is classified as ransomware, while investigating new submissions to VirusTotal. Additionally, it is pertinent to mention that Lavasky is part of the VoidCrypt ransomware family. Once we executed a sample of this ransomware on our tes
While inspecting rogue webpages, our researchers discovered the "Phone Update Recommended" scam, which targets Android device users. This scheme attempts to trick visitors into downloading/installing and/or purchasing recommended software - by claiming that it will improve the device's poor perfor
Nitrokod is a malicious program that operates as a backdoor for cryptocurrency mining malware. At the time of writing, Nitrokod was designed to infect systems with the XMRIG cryptominer. It is noteworthy that Nitrokod has been actively spread via malicious applications disguised as legitimate sof