OrionRound is a piece of rogue software that our research team found during a routine inspection of new submissions to VirusTotal. Our analysis of this application revealed that OrionRound is adware belonging to the AdLoad malware family. Adware enables the placements of intrusive ads on
Severalsituations[.]click is an untrustworthy (deceptive) web page that displays deceptive content. It runs a scam similar to "McAfee - Your PC is infected with 5 viruses!". Also, it asks for permission to deliver notifications. Our researchers discovered this site while checking out websites that
While examining deceptive websites claiming that it might be required to add some extension to a browser, we discovered an application called Safe-Eyes. After testing this app, we learned that it operates as adware - it generates annoying advertisements. We also found that it can read and change a
Antivirus-click[.]com is a rogue page that we discovered while inspecting untrustworthy websites. It is designed to host scams, promote browser notification spam, and redirect visitors to other (likely dubious/malicious) webpages. Users typically enter these sites through redirects caused by pages
SampleFormat is a piece of rogue software that our researchers discovered while inspecting new submissions to VirusTotal. After analyzing this app, we determined that it operates as adware and belongs to the AdLoad malware family. Adware enables the placement of third-party graphical con
After analyzing this "FedEx Corporation" email, we determined that it is malspam. These letters are presented as reports from the FedEx Corporation regarding a shipment. However, their attachments are infectious and will begin downloading/installing malware upon being opened. It must be emphasize
PickGrid is an advertising-supported application that generates annoying/intrusive advertisements. Our team discovered this app after executing a fake installer downloaded from a shady website claiming that the installed version of Adobe Flash Player is out of date. PickGrid is not a trustworthy
Yoursafeguardshield[.]com is a rogue page that runs scams, promotes spam browser notifications, and causes redirects (most likely to untrustworthy/malicious websites). Our researchers discovered this webpage while inspecting sites that use rogue advertising networks. It is noteworthy that the red
While analyzing an email containing a malicious attachment, we discovered that the threat actors behind Qakbot (also known as QBot) use a DLL hijacking method to distribute malware. They are abusing the Windows 7 Calculator application in their attacks. Currently, Qakbot is known to be used as a d
Our inspection of the "Meeting Reminder" email revealed that it is spam. This letter operates as a phishing scam targeting email account log-in credentials. By making fake claims about an important document having been shared with the recipients - this scam attempts to trick them into disclosing t