While looking through new submissions to VirusTotal, our researchers discovered the DynamicLush application. Our analysis of this piece of software revealed that it operates as adware and belongs to the AdLoad malware family. Adware may not display advertisements if certain conditions ar
We discovered the trexvideo[.]biz rogue webpage while inspecting dubious websites. It is designed to push browser notification spam and redirect visitors to other (likely untrustworthy or malicious) sites. Users typically enter pages of this kind via redirects caused by webpages using rogue advert
Juicycelebinfo[.]com uses a clickbait technique to trick visitors into allowing it to show notifications. Also, it redirects them to other untrustworthy pages. As a rule, pages like juicycelebinfo[.]com are not visited on purpose. Our team found this page while inspecting websites that use shady a
After checking the "I am a Russian hacker who has access to your operating system" email, we determined that it is spam that operates as a sextortion scam. This spam mail attempts to trick recipients into paying a ransom over nonexistent recordings. In other words, these emails state that the sen
Investdigest[.]xyz is one of the websites running the "McAfee - Your PC is infected with 5 viruses!" scam. Also, it asks for permission to show shady notifications. Typically, websites like investdigest[.]xyz are visited inadvertently. We have discovered this page while examining other pages that
GenesisMass is an advertising-supported application that generates advertisements. We have discovered it while inspecting deceptive websites. We also found that this app can read sensitive information. Having adware installed on the operating system (or a web browser) can lead to various problem
While inspecting new submissions to VirusTotal, our research team found the HORSEMAGYAR ransomware. We executed a sample of this malware on our test machine and learned that it encrypts data and renames the affected files. The filenames were altered according to this pattern - "[original_filename
Freshyearmarts[.]shop is an untrustworthy page that runs a T-Mobile scam and asks for permission to show notifications. Our team has discovered this site while examining other pages of this kind (pages that use rogue advertising networks). Freshyearmarts[.]shop cannot be trusted and should never h
While examining the turnon-yourprotect[.]site page, we found that it runs the "McAfee - Your PC is infected with 5 viruses!" scam and asks for permission to show untrustworthy notifications. We discovered this page during inspection of other shady pages that use rogue advertising networks.
Ehehehx12 is the name of ransomware that our team has discovered while examining malware samples submitted to the VirusTotal website. The purpose of Ehehehx12 is to encrypt files. Additionally, it renames files (by appending the ".Ehehehx12" extension to filenames) and creates the "HELP_DECRYPT_YO