IceXLoader is a loader-type malware written in the Nim programming language. Malicious programs within this classification are designed to cause chain infections. In other words, they operate by downloading/installing additional malicious components or malware onto compromised systems. Ice
Webnotificationsgroup[.]com is a rogue webpage that our researchers discovered while inspecting untrustworthy sites. It is designed to promote browser notification spam and redirect visitors to other (likely unreliable/dangerous) websites. Most users enter such pages through redirects caused by pa
Auto Skip Ads is the name of a browser extension that our researchers found while inspecting questionable software-promoting sites. This piece of software promises a feature that blocks/skips advertisements on YouTube. However, our analysis revealed that this extension operates as adware instead.
While inspecting dubious websites, our research team found the athree[.]xyz rogue page. It is designed to load deceptive material, promote browser notification spam, and redirect visitors to other (likely untrustworthy/malicious) webpages. Users typically enter sites like athree[.]xyz through page
LogLibrary is a piece of rogue software that our researchers found while checking out new submissions to VirusTotal. After analyzing this app, we determined that it operates as adware and belongs to the AdLoad malware family. Advertising-supported software is designed to run intrusive ad
Our researchers discovered the goograriva[.]com rogue page during a routine inspection of dubious websites. This site operates by pushing browser notification spam and redirecting visitors to different (likely untrustworthy/hazardous) webpages. Most users enter websites like goograriva[.]com via
While inspecting untrustworthy websites, we discovered the ourcoolblog[.]com rogue page. It is designed to promote spam browser notifications and redirect visitors to other (likely unreliable/malicious) sites. Users typically enter websites like ourcoolblog[.]com via redirects caused by webpages u
StealBit is the name of a malicious program designed to exfiltrate (download) sensitive content from infected machines. This malware has been used in campaigns concluding with LockBit ransomware infections. StealBit is employed in the double-extortion tactics used by LockBit. This program's task
Cinemate is described as an app that helps users find movies playing in theaters. We have discovered this app while examining deceptive websites. After downloading and adding Cinemate to a web browser, we learned that it generates advertisements (it functions as adware). It is highly advisable not
Eijy is ransomware that is part of the Djvu ransomware family. It encrypts files and appends the ".eijy" extension to filenames. Also, it creates the "_readme.txt" file containing a ransom note. An example of how Eijy renames files: it renames "1.jpg" to "1.jpg.eijy", "2.png" to "2.png.eijy", "3.e