While analyzing the samples submitted to the VirusTotal page, our team discovered spyware targeting macOS users called CloudMensis. It was found that CloudMensis is written in Objective-C programming language. It can exfiltrate documents and email attachments, capture the screen, log keystrokes,
PlanDevelopment is a piece of rogue software that our researchers discovered during a routine inspection of new submissions to VirusTotal. Our analysis of this application revealed that it operates as adware and is part of the AdLoad malware family. Advertising-supported software is desi
Auto Play is a browser extension that our team discovered while inspecting a deceptive website instructing us to add this extension to continue watching a video. After adding this app to a browser, we learned that it functions as adware - it shows annoying advertisements. Thus, we recommend not to
Notadvertise[.]com is a deceptive website designed to trick visitors into agreeing to receive notifications and redirect them to other untrustworthy websites. Typically, pages like notadvertise[.]com are visited unintentionally. We found this site while examining websites that use rogue advertisin
After analyzing this "Password Verification" email, we determined that it is a phishing spam email. Like many of its ilk, this letter attempts to trick recipients into revealing their email log-in credentials (passwords) by making false claims about their account's impending deactivation.
While checking the VirusTotal page for recently submitted malware samples, our malware researchers discovered the KOK08 ransomware. This ransomware is part of the Matrix ransomware family. It encrypts files, modifies their filenames, and creates the "!README_KOK08!.rtf" file that contains a ransom
After downloading and using a fake installer downloaded from a shady website, our team discovered an application called ExecutiveMethod. It is a useless application designed to bombard users with unwanted advertisements. Therefore, we classified ExecutiveMethod as adware (advertising-supported a
While looking through new submissions to VirusTotal, our researchers found yet another ransomware-type program - called NMO - that belongs to the Dharma ransomware family. After executing a sample of NMO on our test machine, it encrypted files and altered their filenames. The original titles were
LinearRadial is an application designed to bombard users with annoying advertisements. Apps of this type are classified as adware. We discovered LinearRadial while inspecting a shady installer downloaded from a deceptive web page. Advertisements generated by LinearRadial can open shady w
While visiting (and inspecting) illegal movie streaming, torrent, and similar pages, we discovered topsurvey24[.]top. This page runs a fake survey to promote other deceptive pages and asks permission to show notifications. It is not recommended to visit such pages and allow them to deliver notific