Our researchers discovered the browser-under-protection[.]com rogue website during a routine inspection of untrustworthy pages. It is designed to promote scams, push browser notification spam, and redirect to other (likely dubious/malicious) sites. These webpages are typically accessed via redire
Rapid Files Download is an application described as a tool allowing users to keep track of downloads and quickly access and manage them and create new downloads. Our team has discovered this app on a deceptive page that suggests that it may be required to add it to a browser. After downloading and
Z61yt is ransomware that belongs to the Hive ransomware family. Our team discovered Z61yt while examining malware samples submitted to the VirusTotal page. This ransomware encrypts files and appends a string of random characters and the ".z61yt" extension to filenames. Also, Z61yt creates the "1uZ
Discovered by the MalwareHunterTeam, KEEP CALM AND RECOVER YOUR FILES is a ransomware-type program. It is also a variant of the Chaos ransomware. After launching a sample of KEEP CALM AND RECOVER YOUR FILES on our test system, we learned that it encrypts files and appends their filenames with an
MemoryFunction is a rogue app that we found while inspecting new submissions to VirusTotal. Our analysis of the application revealed that it operates as advertising-supported software (adware) and belongs to the AdLoad malware family. Adware is designed to display advertisements on visit
BianLian is the name of a banking Trojan targeting Android users. We have discovered this piece of malware while examining malware droppers (fake apps) uploaded to the Google Play store. BianLian performs overlay attacks to steal login credentials for banking applications and has additional capabi
While looking through new malware submissions to VirusTotal, our researchers found the EMPg296LCK malicious program that is classified as ransomware. We determined that this program is part of the MedusaLocker ransomware family, and we acquired a sample of it for testing. On our test machine, EMP
IndexerSource is an application that our researchers discovered while inspecting new submissions to VirusTotal. After analyzing this piece of software, we learned that it operates as adware and is part of the AdLoad malware family. Adware operates by enabling the placement of advertiseme
Our researchers discovered the hehighursoo[.]com rogue webpage while inspecting untrustworthy websites. This page is designed to promote spam browser notifications and redirect visitors to different (likely questionable or malicious) sites. Most users enter hehighursoo[.]com and pages akin to it
SVCReady is the name of a malware loader that can collect information about the infected system and communicate with a command and control (C2) server. We have discovered this loader while examining an email containing a malicious MS Word document. One of the known payloads delivered using the SV