RidgeWorld is an application distributed via fake installers. We discovered it after using an installer downloaded from a deceptive page. We learned that the purpose of RidgeWorld is to generate advertisements (it functions as adware). It is not a useful or legitimate app. Advertisements
During a routine inspection of untrustworthy sites, we discovered the beltrapurint[.]com rogue webpage. It operates by promoting browser notification spam and redirecting visitors to other (likely unreliable/malicious) websites. Users typically access beltrapurint[.]com and sites akin to it - via
While looking through new submissions to VirusTotal, our research team discovered the Skynet malicious program that is based on the Chaos ransomware. After we executed Skynet ransomware on our testing machine, it encrypted files and appended their filenames with an extension consisting of four ra
Getgadgets[.]online is a deceptive website that runs a fake survey and wants to display notifications. Our team discovered this page while inspecting other pages that use rogue advertising networks. Getgadgets[.]online is one of the many untrustworthy sites that should never be allowed to show not
During our routine check for malware samples submitted to VirusTotal, we discovered ransomware called blueKey. We learned that this malware encrypts files, appends the ".blueKey" extension to filenames, changes the desktop wallpaper, and drops the "DECRYPTION_INSTRUCTIONS.txt" file (a ransom note)
RecordQuick is an untrustworthy software application that our malware researchers discovered while examining deceptive websites (after downloading a fake installer). After installation, we found that RecordQuick displays annoying advertisements. Software of this type is called adware. Typically,
While looking through new submissions to VirusTotal, our researchers discovered the LuckyRelic rogue application. Our analysis revealed that this app operates as advertising-supported software (adware) and belongs to the AdLoad malware family. Adware can require specific conditions to ru
Cleantoclean[.]xyz is the address of a rogue website that our researchers discovered while inspecting dubious sites. This page is designed to run scams, promote browser notification spam, and redirect visitors to different (likely unreliable/malicious) websites. Most users access webpages like cl
Getting Files is a rogue browser extension that our research team found while inspecting questionable download webpages. It is promoted as a download management tool. However, our analysis of Getting Files revealed that it operates as advertising-supported software (adware). Adware enables
While analyzing the samples submitted to the VirusTotal page, our team discovered spyware targeting macOS users called CloudMensis. It was found that CloudMensis is written in Objective-C programming language. It can exfiltrate documents and email attachments, capture the screen, log keystrokes,