Our research team discovered the PixelUnlimited application while inspecting new submissions to VirusTotal. After analyzing it, we determined that PixelUnlimited operates as advertising-supported software (adware) and is part of the AdLoad malware family. Certain factors like compatible
ConnectionInteractive is the name of an application our team discovered after using a fake installer downloaded from a deceptive website. During our analysis, we found that ConnectionInteractive is a useless application designed to generate advertisements. Thus, we classified ConnectionInteracti
Our team has discovered jerenga[.]click while inspecting various illegal movie streaming, torrent, and other sites. We found that jerenga[.]click runs the "McAfee - Your PC is infected with 5 viruses!" scam. Additionally, this page wants to show untrustworthy notifications. Jerenga[.]click
Petrovic has recently discovered ransomware called Agenda (also known as Qilin). This malware encrypts files, appends a string of random characters as a file extension, and drops the "[random_string]-RECOVER-README.txt" file (with the same random string in its filename as encrypted files have). Th
While examining shady websites instructing visitors to update the Adobe Flash Player (download a fake installer), we discovered an application called CoralMajesty. After testing the app, we found that it displays advertisements. Software of this type is called advertising-supported software (adw
AIVARAT is a piece of malicious software classified as a RAT (Remote Access Trojan). This program targets Android Operating Systems (OSes). RATs are designed to enable remote access and control over infected machines. AIVARAT is a multifunctional trojan - hence, it can exert a high level of contr
GetAnAntivirus is the name of a ransomware-type program that our researchers discovered while inspecting new malware submissions to VirusTotal. This malicious program is part of the Chaos ransomware family. After we launched a sample of this ransomware on our test machine, it encrypted files and
CycleAfter is a piece of rogue software classified as adware. We discovered this app while inspecting new submissions to VirusTotal. Additionally, it has to be mentioned that CycleAfter is part of the AdLoad malware family. Advertising-supported software (adware) displays ads on visited
While examining websites that use rogue advertising networks, we discovered news-jixuzi[.]cc - a shady page that uses a clickbait technique to trick visitors into allowing it to show notifications. It is uncommon for pages like news-jixuzi[.]cc to be visited intentionally. Also, they often redirec
Paradies clipper is the name of the malware that steals cryptocurrency from victims by replacing wallet addresses saved in the clipboard with addresses belonging to cybercriminals. It is sold on a hacker forum for 50 euros. The developer of the Paradies clipper describes it as a number one crypto