DeezNuts Crypter is a piece of malicious software classified as ransomware. Our research team found it while inspecting new submissions to VirusTotal. After being launched on our test machine, this ransomware encrypted files and renamed them by inserting ".deeznuts-crypter" between the original f
LocatorUpdate is the name of an application that we have discovered while analyzing shady websites. After testing the app, we learned that its purpose is to display intrusive advertisements. LocatorUpdate is a typical advertising-supported application that provides no real value to its users.
Our team has discovered the visible dark application/browser extension on a deceptive page. That page got opened while visiting other websites that use shady advertising networks. After examining the visible dark application, we found that it displays annoying advertisements. Thus, it was conclude
FeaturePremium is a piece of rogue software that our researchers discovered while inspecting new submissions to VirusTotal. Our analysis uncovered that this app operates as adware and belongs to the AdLoad malware family. Adware may not deliver intrusive advertisement campaigns (display
Our team has discovered the p03try-c4t3g0ry[.]xyz website while examining illegal movie streaming, torrent, and similar sites (pages that use rogue advertising networks). P03try-c4t3g0ry[.]xyz is a page that runs the "You've Visited Illegal Infected Website" scam. Also, this untrustworthy site ask
CH Miner is the name of a cryptocurrency miner with Remote Administration Trojan (RAT) and clipper functionality. It is created by the same cybercriminals who have developed the Echelon Stealer. Our team has discovered the CH Miner on a hacker forum. It costs $20 for three days, $40 for a week, $
During a routine inspection of new submissions to VirusTotal, our research team found the AgentAdmin application. After analyzing this app, we learned that it operates as advertising-supported software (adware), and it also belongs to the AdLoad malware family. Advertising-supported soft
Our malware researchers have discovered a ransomware variant called Kxde while analyzing the samples submitted to VirusTotal. This variant is part of the Djvu ransomware family. It encrypts files and appends the ".kxde" extension to filenames. Kxde also provides a ransom note (creates a text file
1xExujJunyRVG8MWnEgxdHkVwW7xSzntZ is the name of a clipper-type malware. Malicious programs of this kind are also known as "clipboard hijackers"; they operate by changing clipboard data. Typically, clippers are used to redirect outgoing cryptocurrency transactions by replacing the intended wallet'
Securesoftwarepc[.]com is a shady website running the "McAfee - Your PC is infected with 5 viruses!" scam and asking for permission to show notifications. Our team has discovered this deceptive page while examining other pages of this kind that use rogue advertising networks. The purpose o