After examining musicinmysoul[.]biz, we learned that it displays deceptive content to trick visitors into allowing it to show notifications. Another reason not to trust musicinmysoul[.]biz is that it can redirect to other pages of this kind. We discovered musicinmysoul[.]biz while inspecting websi
YamaBot is the name of a cross-platform malware written in the Go programming language. This malicious program targets both Windows and Linux Operating Systems (OSes). YamaBot is associated with the North Korean state-backed cyber criminals known as the Lazarus Group. YamaBot attacks have been obs
While looking through new submissions to VirusTotal, our researchers discovered the ComputingInvolve application. Our analysis of this piece of rogue software revealed that it operates as adware. Additionally, we learned that this app is part of the AdLoad malware family. Adware displays
Aigaithojo[.]com is an untrustworthy page that wants to show notifications. It uses a clickbait technique (a deceptive method) to trick visitors into allowing it to show those notifications. Also, aigaithojo[.]com redirects visitors to other websites. We discovered aigaithojo[.]com while inspectin
Screen Locking malware refers to screenlocker-type ransomware programs that target Android operating systems. There are numerous variants of this malware, but they differ from previously observed Android screenlockers due to the novel techniques that they use. This is a high-end screenlocker famil
While examining a malicious document containing Cobalt Strike beacon, we discovered a new malware called Manjusaka. This malware has the capabilities of a Remote Access Trojan (RAT). Cybercriminals can use it for various purposes (from stealing information to managing files). Manjusaka can be plan
Vvyu is ransomware that encrypts files and modifies filenames (appends the ".vvyu" extension to filenames). We found this ransomware while examining malware samples submitted to the VirusTotal page. In addition to encrypting and renaming files, Vvyu drops the "_readme.txt" file, a ransom note. We
Diet is the name of adware (advertising-supported software) that shows unwanted applications. Our team discovered it after inspecting an ISO file downloaded from a deceptive website. The purpose of the Diet is to display unwanted (intrusive) advertisements. This untrustworthy software should be re
Our researcher team found the twithdiffer[.]xyz rogue site while looking through various untrustworthy webpages. This page is designed to promote spam browser notifications and redirect visitors to other (likely unreliable or malicious) sites. Twithdiffer[.]xyz and similar webpages are usually ac
Mo*.biz is the address (URL) shared by a group of rogue websites, which include mo01[.]biz, mo02[.]biz, mo03[.]biz, mo04[.]biz, mo05[.]biz, mo06[.]biz, mo07[.]biz, and many others. These sites are designed to load deceptive content, promote browser notification spam, and redirect users to differen