During a routine inspection of new submissions to VirusTotal, our researchers found the EfficiencyInternet rogue application. We analyzed this app and learned that it operates as adware and is part of the AdLoad malware family. Advertising-supported software enables the placement of thir
While inspecting deceptive software download webpages, our researchers discovered the Mondy Search browser extension. After analyzing this piece of software, we determined that it operates as a browser hijacker. Mondy Search changes browser settings and promotes the mondysearch.com fake search eng
HorizonFlower is the name of an application we discovered after using a fake installer downloaded from an untrustworthy page. We found that HorizonFlower is useless (does not have any features) and displays unwanted (intrusive) advertisements. Thus, we concluded that HorizonFlower is an advertis
While checking the VirusTotal page for recently submitted malware samples, our team discovered ransomware called MRN. This ransomware encrypts files and appends the victim's ID, virus_monster@tutanota.com email address, and its extension (".MRN") to filenames. It also drops the "unlock-info.txt" t
ConditionAnalysts is a rogue app that our research team found while inspecting new submissions to VirusTotal. Our analysis of this piece of software revealed that it operates as adware and belongs to the AdLoad malware family. Advertising-supported software (adware) is designed to enable
Our team has discovered an untrustworthy application called InformationPing while examining deceptive websites instructing visitors to update outdated software. We learned that InformationPing has no useful features - the main purpose of this app is to display intrusive advertisements. Software
While inspecting a shady website instructing us to add some extension to a browser to continue, we discovered an app called Get colors. After adding it to a browser, we learned that it manipulates the settings of a browser to promote a fake search engine. Get color is a browser hijacker that promo
While inspecting dubious websites, our researchers discovered the news-tecayu[.]cc rogue page. It operates by pushing spam browser notifications and redirecting visitors to different (likely untrustworthy/malicious) webpages. Most users enter news-tecayu[.]cc and similar sites through redirects ca
GenesisOdyssey is a piece of rogue software that our research team found while inspecting new submissions to VirusTotal. Our analysis of this app revealed that it operates as adware and belongs to the AdLoad malware family. Advertising-supported software operates by running intrusive adv
Our researchers discovered the Helphack ransomware during a routine inspection of new submissions to VirusTotal. We determined that Helphack is based on the Chaos ransomware. Once we executed a sample on our test machine, Helphack encrypted files and appended their names with an extension consist