Fynweb[.]com is a rogue site that our researchers discovered during a routine inspection of questionable websites. This page uses deception to trick visitors into allowing it to deliver browser notification spam. Additionally, it is capable of redirecting visitors elsewhere (likely unreliable/dang
FLB Music is one of the ChromeLoader malware variants. It is an advertising-supported application disguised as a media player. It generates unwanted advertisements and enables the malware to load modules for network communication and DHCP snooping. Our team discovered the FLB Music application aft
While inspecting dubious websites, our research team discovered the ponuadema[.]com page. This rogue site promotes spam browser notifications and redirects users to other (likely unreliable/malicious) websites. Users typically access webpages like ponuadema[.]com via redirects caused by sites usin
While inspecting findmebuy.com, our team found that it is a search engine that generates questionable results and shows advertisements. It is worth mentioning that search engines of this kind usually are promoted by browser hijackers that modify the browser's settings. Most users add browser hijac
Arazite is a piece of malicious software categorized as ransomware. This type of malware is designed to encrypt data and demand payment for decryption. After we executed a sample of Arazite on our test system, it began encrypting files and appended their filenames with the ".arazite" extension. F
After testing the Free Game Loop browser extension, we found that it is an advertising-supported application. This app generates revenue for its developer by displaying unwanted advertisements to users. Our team discovered Free Game Loop on a website offering to play the best card games online.
Our research team discovered the allprotectpc[.]com rogue page during a routine investigation of untrustworthy websites. It promotes scams, pushes browser notification spam, and redirects visitors to other (likely unreliable/malicious) sites. Users typically enter allprotectpc[.]com and similar w
Wanqu is the name of ransomware that encrypts and renames files (by appending the ".Wanqu" extension) and drops "RESTORE_FILES_INFO.txt" and "RESTORE_FILES_INFO.hta" files (ransom notes) on the desktop. Our team discovered Wanqu while inspecting malware samples submitted to the VirusTotal website.
While investigating new submissions to VirusTotal, our researchers found the AuroraShack application. After analyzing it, we determined that this app operates as adware (i.e., runs intrusive ad campaigns) and belongs to the AdLoad malware family. Adware stands for advertising-supported s
A new version of Android malware has emerged recently, targeting customers of Indian banks. Cybercriminals behind this campaign are using fake banking rewards applications to trick users into installing information-stealing malware with remote access trojan (RAT) capabilities. Their goal is to ste