It is the name of a malicious application that provides access to Android devices and spies on victims. APT32 establishes the "MainService" service, connects to a command-and-control (C2) server, and starts its malicious activities (it receives commands via a C2 server). It is known that this mali
While inspecting untrustworthy websites, our researchers found the "Your Computer May Be At Risk With An Expired McAfee License" scam. Typically, deceptive content of this kind is used to push unreliable or malicious software. At the time of research, this scam redirected to the official website
paint page is described as an application allowing users to paint the background and text on websites. After testing the application, we noticed that it shows annoying/intrusive advertisements. In other words, paint page is an advertising-supported application. Our team has discovered paint page o
IndexInterface is the name of an application that our team has discovered on a shady website offering to download fake updates for the Adobe Flash Player. After downloading and installing the app, we found that it generates unwanted advertisements. Therefore, we classified IndexInterface as adwa
AspectSkip is a rogue app that our researchers discovered while inspecting new submissions to VirusTotal. After we analyzed this piece of software, we learned that it operates as adware and belongs to the AdLoad malware family. Advertising-supported software (adware) is designed to run i
Bbii is the name of ransomware belonging to the Djvu ransomware family. Our team has discovered this ransomware on VirusTotal (while analyzing malware samples submitted to the page). Bbii encrypts files and appends the ".bbii" extension to their filenames. Also, it drops the "_readme.txt" file. Th
While inspecting new submissions to VirusTotal, our researchers found the Pandora ransomware. We determined that this malicious program belongs to the TeslaRVNG ransomware family. After launching a sample of Pandora (TeslaRVNG) ransomware on our test system, it encrypted files and altered their f
Our inspection of the "Impex Delivery Services" email revealed that it is spam. These letters claim that recipients have received a large inheritance, which can be claimed by making a single payment. It must be emphasized that the information provided by these emails is false, and the companies/e
While checking out untrustworthy sites, our research team discovered the pprettierums[.]com rogue webpage. It loads scams, promotes browser notification spam, and redirects visitors to other (likely unreliable/malicious) websites. Users typically enter these pages through redirects caused by sites
Bbzz is ransomware belonging to the Djvu family. Our team discovered it while examining malware samples submitted to VirusTotal. Bbzz encrypts and renames files (by appending the ".bbzz" extension to filenames). It also creates a ransom note, a text file named "_readme.txt". An example of how Bbz