Our research team discovered the Aurora malware while looking through hacker forums. Its developers advertise Aurora as a multifunctional piece of malicious software. The program's promotional material states that it operates as a RAT (Remote Access Trojan), botnet, stealer, clipper, and data-encr
Qqjj is ransomware (belonging to the Djvu ransomware family) designed to encrypt files and change their extension to ".qqjj". It also drops the "_readme.txt" file (a ransom note) on the desktop. Our malware researchers discovered Qqjj while checking the VirusTotal page for recently submitted malwa
During a routine inspection of new submissions to VirusTotal, our research team found the SurplusStatus rogue application. Our analysis revealed that SurplusStatus is advertising-supported software (adware). Furthermore, SurplusStatus is part of the AdLoad malware family. It is noteworth
While analyzing captchaless[.]top, we found that this page is created to trick visitors into agreeing to receive notifications. The purpose of this site is to promote other untrustworthy websites and apps. Our team discovered captchaless[.]top while inspecting sites that use rogue advertising netw
SmartRecord is a rogue app that we discovered while looking through new submissions to VirusTotal. After analyzing this piece of software, we determined that it is adware. Additionally, it is noteworthy that SmartRecord is part of the AdLoad malware family. Advertising-supported software
File Download Manager - as its name implies - is a rogue browser extension that claims to operate as a download management tool. Our research team discovered this extension while inspecting dubious software-promoting webpages. After analyzing File Download Manager, we determined that it is adware.
After testing the DimMode application, we learned that it provides no useful features and generates annoying advertisements. Additionally, it can read data on all visited websites. Thus, we classified DimMode as adware. It is worth mentioning that this app/browser extension is promoted via decepti
Donkeyf*cker is ransomware designed to encrypt files, modify filenames, and drop the "#HOW_TO_DECRYPT#.txt" file (a ransom note) on the desktop. We discovered this ransomware while examining malware samples submitted to the VirusTotal web page. Donkeyf*cker renames files by appending a string of
While examining the mysmarterdeals[.]shop page, we found that it is a deceptive website running a survey scam and asking for permission to deliver untrustworthy notifications. Also, it redirects visitors to other shady web pages. We discovered mysmarterdeals[.]shop while inspecting sites that use
While inspecting questionable software-promoting websites, our researchers discovered the Reduce-Light browser extension. This piece of software promises to enable dark mode for simple design webpages. However, our analysis revealed that Reduce-Light operates as adware instead. Advertising