Settings is the name of an application that we have discovered after downloading software from a shady website and cracked software distribution page. During the analysis, we found that it runs in the Task Manager as "Settings software Copyright © 2021" (the process name may vary). The purpose of
ChromeLoader was first analyzed by x3ph, and later dubbed by G-Data researchers as Choziosi loader. This malware is designed to install malicious extension(s) onto browsers. Currently, two distinct variants of ChromeLoader have been detected - one targeting Windows Operating Systems and another -
Files Download Now is presented as a tool allowing users to keep track of their downloads and quickly access (and manage) downloads, and create new downloads. We have discovered this app on a deceptive website. After downloading and installing the app, we learned that it generates intrusive advert
News-rulujo[.]cc displays deceptive content and asks for permission to deliver notifications. It is an untrustworthy page promoted via other pages of this kind. Our team discovered news-rulujo[.]cc while examining various torrent sites, illegal movie streaming websites, etc. News-rulujo[.]
After inspecting the "DHL NOTICE OF ARRIVAL" email, we determined that it is malspam. These letters are disguised as notifications concerning a package shipped through DHL - a legitimate logistics and package delivery company. It must be emphasized that these emails are in no way associated with D
After inspection, we have concluded that this is a phishing email pretending to be a letter from the email service provider. Scammers behind this email aim to trick recipients into providing personal information. The email contains a hyperlink that opens a deceptive website (fake Webmail login pag
Our team has discovered the UnlimitedPixel application while inspecting various shady websites. After downloading and installing this app, we learned that it shows annoying/intrusive advertisements. For this reason, we have classified UnlimitedPixel as an advertising-supported application.
While inspecting untrustworthy websites, our researchers discovered the social-discovery[.]io rogue page. It is designed to load dubious content, promote spam browser notifications, and redirect visitors to other (likely unreliable/malicious) sites. Users typically enter social-discovery[.]io and
While inspecting dubious software promoting webpages, our research team discovered the Down Assist browser extension. It is endorsed as a tool capable of quickly providing alternative websites when the one users seek to access is down (unavailable). After analyzing Down Assist, we determined that
RedEngine is a ransomware-type program that we found while inspecting new malware submissions to VirusTotal. We determined that RedEngine is based on the Chaos ransomware. After we released a sample of RedEngine on our test system, it encrypted files and appended their filenames with an extension