While checking the VirusTotal page for recently submitted malware samples, we came across Kriptor - ransomware that encrypts files. We also found that Kriptor appends ".Kriptor" extension to filenames, changes the desktop wallpaper, and drops the "read_it.txt" file (a ransom note) on a desktop. A
Our researchers discovered the MotivePrime rogue application while inspecting new submissions to VirusTotal. After analyzing this piece of software, we determined that MotivePrime operates as adware and is part of the AdLoad malware family. Adware is designed to deliver intrusive adverti
After examining the notiftravel[.]com page, we learned that it displays deceptive content (uses a clickbait technique) to trick visitors into agreeing to receive notifications. Also, this page redirects visitors to another page of this type. We discovered notiftravel[.]com while analyzing sites th
While inspecting questionable pages that use rogue advertising networks, we found tools-basket[.]com - a page that wants to show notifications, displays deceptive content and promotes suspicious apps. After examining numerous pages similar to tools-basket[.]com we learned that none of them are tru
Our researchers found the BasicEngine rogue application while inspecting new submissions to VirusTotal. After analyzing this app, we determined that it works as advertising-supported software (adware) and is part of the AdLoad malware family. Advertising-supported software displays ads o
While inspecting untrustworthy websites, we discovered the aughableleade[.]xyz rogue page. It promotes browser notification spam and redirects users to other (likely unreliable/harmful) webpages. Most users access aughableleade[.]xyz and sites akin to it - through redirects caused by webpages usin
SkyWebProcess is a rogue application that our researchers found while inspecting new submissions to VirusTotal. After analyzing this app, we determined that SkyWebProcess operates as adware and belongs to the AdLoad malware family. It is noteworthy that adware may require specific condit
Our research team found the UnitySquad application during a routine checkup of new submissions to VirusTotal. After inspecting this app, we learned that it operates as advertising-supported software (adware). Additionally, we determined that UnitySquad belongs to the AdLoad malware family.
While inspecting websites that use rogue advertising networks (and shady ads), we came across watchvideo[.]cc - another untrustworthy page. We learned that watchvideo[.]cc is a website that wants to show notifications (it displays deceptive content to trick visitors into agreeing to receive notifi
Our team has discovered an adware-type application (a browser extension) called text background during an analysis of deceptive websites. We learned that text background has no real value. The main purpose of this app is to bombard users with intrusive advertisements. Thus, it is recommended not t