While inspecting new submissions to VirusTotal, our researchers discovered the U2K ransomware. We determined that this malicious program is identical to MME ransomware. After we launched a sample of U2K on our test machine, it encrypted files and altered their names. The filenames were appended w
Rewardusacenter[.]com is a deceptive website that wants to show notifications and redirects visitors to a scam website (possibly to more than one). We discovered rewardusacenter[.]com while analyzing certain websites that use rogue advertising networks. It is uncommon for sites like rewardusacente
We discovered a new ransomware called Youfileslock while checking the VirusTotal page for the recently submitted samples. Our key findings were that Youfileslock belongs to the MedusaLocker family, encrypts files, appends the ".youfileslock" extension to filenames, and creates the "HOW_TO_RECOVER_
HorizonCentric is a rogue app that our researchers discovered while looking through new submissions to VirusTotal. Our analysis of this piece of software revealed that it operates as adware and belongs to the AdLoad malware family. Advertising-supported software (adware) enables the plac
Fake Coinbase Wallet extension - refers to a rogue browser extension disguised as a Coinbase product. Unwanted software often uses the names, graphics, and other content belonging to legitimate products - in order to trick users into download/installation. Typically, software that uses deceptive
Special-discounts[.]club is designed to display deceptive content to trick visitors into agreeing to receive notifications. Also, it can redirect visitors to other shady pages. Our team discovered special-discounts[.]club while inspecting torrent sites, illegal movie streaming pages, and similar w
After downloading and installing the DynamicSync application, we found that it is a useless app that functions as adware. It generates intrusive advertisements. We discovered this adware while examining deceptive pages encouraging visitors to update "outdated" software. We found that Dyn
WANNAFRIENDME 2 is ransomware that encrypts files, modifies filenames (appends the ".iRazormind" extension), and drops the "README.txt" file containing a ransom note. Our team discovered this ransomware while inspecting malware samples submitted to VirusTotal. An example of how WANNAFRIENDME 2 re
We discovered FormatSync while inspecting shady websites distributing fake Adobe Flash Player installers. After downloading and installing this app, we learned that it displays annoying advertisements. Apps like FormatSync are classified as advertising-supported applications. FormatSync
Our research team found the news-hanuca[.]cc rogue page during a routine inspection of untrustworthy websites. This webpage is designed to promote browser notification spam via deception. Additionally, news-hanuca[.]cc can redirect visitors to other (likely dubious/malicious) sites. Users typical