During a routine inspection of new submissions to VirusTotal, our research team found the CommonOperation application. Following our analysis, we determined that this piece of software operates as adware and belongs to the AdLoad malware family. Adware may require certain conditions (e.g
SMSControllo is the name of an Android malware targeting residents of Italy. This malware can steal SMS messages (read and send them to a server controlled by the attackers) and share the infected device's screen. It is likely that threat actors use email attachments or SMS to deliver SMSControllo
Ygvb is a piece of malicious software classified as ransomware. Our researchers found this program while inspecting new submissions to VirusTotal, and determined that it belongs to the Djvu ransomware family. After being launched onto our test machine, Ygvb encrypted files and appended their file
CapacityMegabyte is the name of an advertising-supported application that our team has discovered on a deceptive website offering to update the Adobe Flash Player. The purpose of this application is to generate intrusive advertisements. In most cases, apps of this type are promoted and distribut
Freeadvhub[.]com is one of the deceptive pages that use a clickbait technique to get permission to show notifications from visitors. Additionally, it redirects them to other shady pages. Our team has discovered freeadvhub[.]com while visiting sites that use rogue advertising networks (e.g., illega
We have discovered a new Djvu ransomware variant called Nuhb. It was found while examining malware samples submitted to VirusTotal. While analyzing Nuhb, we learned that it encrypts files and appends the ".nuhb" extension to filenames. Also, it provides a ransom note - it creates a text file named
Dwqs encrypts files and appends the ".dwqs" extension to filenames. Also, it creates the "_readme.txt" file (a ransom note). Dwqs is ransomware that belongs to the Djvu family. We have discovered this ransomware variant while inspecting malware samples submitted to the VirusTotal page. An example
We have discovered the MajorLauncher application while auditing shady websites offering to install software updates (download a fake Adobe Flash Player installer). While testing the app, we found that it operates as adware - it generates unwanted advertisements. Typically, apps like Majo
Notadsreviews[.]com is a shady website that displays deceptive content to trick visitors into allowing it to show notifications. Moreover, it redirects to other untrustworthy websites. Our team has discovered notadsreviews[.]com while examining pages that use rogue advertising networks. No
We have discovered this app on a deceptive website offering to download a software update. After installing and examining the OnlineDisplay, we found that it operates as adware - it displays annoying advertisements. It is worth mentioning that there are plenty of apps like OnlineDisplay, and mos