Our research team discovered the Power Colors rogue browser extension while inspecting dubious download webpages. We analyzed this extension and determined that it operates as advertising-supported software (adware). Adware enables the placement of third-party graphic content (advertisemen
After inspecting this "Webmail Center" spam email, we determined that it operates as a phishing scam. The letter claims that due to a system upgrade, messages failed to reach the inbox. Hence, the recipient must verify their email account to receive the letters and prevent it from being blocked.
EllipseChoice is a rogue application that we discovered during a routine inspection of new submissions to VirusTotal. Our analysis of this app revealed that it operates as advertising-supported software (adware). Additionally, it is worth mentioning that EllipseChoice is part of the AdLoad malwa
BianLian is a malicious program classified as ransomware. It is written in the Go programming language. After we executed a sample of BianLian on our test machine, it encrypted files and appended their filenames with a ".bianlian" extension. To elaborate, a file initially titled "1.jpg" appeared
While inspecting totaldatadefencereport[.]com, we found that it is running the "Norton Security - Your PC Might Be Infected With Viruses!" scam. Additionally, we learned that totaldatadefencereport[.]com wants to show notifications. Our team discovered this page while examining other pages that us
After testing the LightSurf, our team concluded that it is an advertising-supported app. It displays intrusive advertisements. Additionally, it can read and change data on visited websites. We discovered this site on a deceptive web page claiming that it might be required to add LightSurf to a web
Our research team discovered the "Norton Security - Your PC Might Be Infected With Viruses!" scam while inspecting rogue webpages. This scheme claims that the device might be infected since the Norton AntiVirus subscription has expired. However, these statements are false, as no website can detec
Zxcvb is ransomware belonging to the Dharma family. We discovered Zxcvb while analyzing malware samples submitted to the VirusTotal website. This ransomware encrypts files and appends the victim's ID, paymoney@onionmail.org email address, and the ".zxcvb" extension to filenames. Also, Zxcvb displ
Qqkk is ransomware that our team discovered while examining malware samples submitted to VirusTotal. We learned that Qqkk belongs to the Djvu ransomware family. It prevents victims from accessing files by encrypting them, appends the ".qqkk" extension to filenames, and drops the "_readme.txt" file
Our researchers found the CoordinatorOptimization application during a routine investigation of new submissions to VirusTotal. After analyzing this piece of software, we determined that it operates as adware. In other words, CoordinatorOptimization runs intrusive advertisement campaigns and may