Our researchers found the OkHacked ransomware during a routine inspection of new submissions to VirusTotal. This malicious program is based on the Chaos ransomware, and it is designed to encrypt data and demand payment for the decryption. After we executed a sample of OkHacked on our test machine
Netlock is ransomware designed to encrypt files, append the ".netlock" extension to filenames, and create the "how_to_back_files.html" file that contains a ransom note. Our team discovered Netlock while examining samples submitted to the VirusTotal page. We also found that Netlock is part of the M
After inspecting the "PayPal - Your Order Is Already Processed" email, we determined that it is spam. This fake email is presented as a notification from PayPal informing the recipient of a successfully processed order. This mail aims to trick users into calling the provided telephone number and e
While testing the NativeSimply application, our team learned that it generates intrusive advertisements to promote various websites and apps. Software that shows ads is called adware (or advertising-supported software). We discovered NativeSimply after using a fake installer downloaded from a sh
While examining sopuw[.]click, we learned that it promotes legitimate software in a deceptive way (it displays fake virus warnings) and asks for permission to show notifications. Our team discovered sopuw[.]click while inspecting websites that use rogue advertising networks. Users rarely visit pag
LegionSuites is an application that generates revenue for its developer by bombarding users with various advertisements. Software of this type is called adware. We discovered LegionSuites after examining a fake installer that is supposed to update the Adobe Flash Player. We classified Le
Fastholidayshopping.com is the address of an illegitimate search engine. Websites of this kind are typically promoted by browser hijackers. This software makes changes to browser settings in order to cause redirects to fake search engines (e.g., fastholidayshopping.com). Furthermore, browser-hijac
Our inspection of the "Funding Commitments To Fight COVID-19" email swiftly revealed that it is spam. This letter states that the recipient has been randomly selected as a beneficiary of a huge grant. This scam is presented as a "funding commitment" of the Bill & Melinda Gates Foundation as pa
Fynweb[.]com is a rogue site that our researchers discovered during a routine inspection of questionable websites. This page uses deception to trick visitors into allowing it to deliver browser notification spam. Additionally, it is capable of redirecting visitors elsewhere (likely unreliable/dang
FLB Music is one of the ChromeLoader malware variants. It is an advertising-supported application disguised as a media player. It generates unwanted advertisements and enables the malware to load modules for network communication and DHCP snooping. Our team discovered the FLB Music application aft