We have discovered the Quick Baro application after downloading it from a deceptive website. We learned that after the installation, Quick Baro hijacks a web browser by changing its settings. This app promotes barosearch.com - a fake search engine. Quick Baro forces users to visit barosear
ZxxZ is the name of a malicious program classified as a trojan. This malware is capable of infiltrating additional malicious software into systems. Hence, the threats posed by ZxxZ infections may be particularly broad. It is noteworthy that this trojan has been observed being actively spread via e
Matamoe is ransomware that we discovered while checking the VirusTotal page for recently submitted malware samples. It was found that Matamoe encrypts files, appends the ".matamoe" extension to filenames, changes the desktop wallpaper, and creates the "read_THIS.txt" file (a ransom note). An exam
Our researchers discovered OriginalScheduler during a routine inspection of new submissions to VirusTotal. After analyzing this application, we learned that it operates as advertising-supported software (adware) and belongs to the AdLoad malware family. Adware enables the placement of ad
OnlineClient is an advertising-supported application. The purpose of this app is to generate annoying advertisements. Our team has discovered OnlineClient while examining deceptive websites. Typically, apps of this type are promoted and distributed using deceptive methods. Clicking on ad
We discovered Dfwe while examining malware samples submitted to VirusTotal. It is ransomware - malware that encrypts files and demands payment for their decryption. Dfwe appends the ".dfwe" extension to filenames and creates the "_readme.txt" file (a ransom note). We also found that Dfwe is part o
Primerewardz[.]com is a shady website that asks for permission to show notifications and redirects to a scam website (and possibly other untrustworthy pages). Our team discovered it during an analysis of pages that use rogue advertising networks (e.g., illegal movie streaming pages, torrent sites)
TrackFrequency is a rogue app, which we discovered while inspecting new submissions to VirusTotal. After analyzing this piece of software, we determined that it is adware, and that it belongs to the AdLoad malware family. It is noteworthy that advertising-supported software may require c
Our team has examined this email and concluded that the scammers behind it aim to trick recipients into providing passwords. This email is disguised as a letter from the email service provider. It contains a link to a phishing page asking to provide login credentials (email address and password).
Our research team found the reuse tab browser extension while inspecting suspicious download webpages. We installed this piece of software onto our test machine, and based on its description in Chrome - we can surmise that this extension promises to save visited URLs for easy access in the future.