Our team has discovered the Tail Box application after downloading an app from a shady website. We have examined the app and found that it hijacks a web browser to promote the tailsearch.com address, a fake search engine. Browser hijackers and fake search engines cannot be trusted. Tail Bo
Our researchers discovered the pick dark browser extension during a routine inspection of deceptive download pages. This piece of software promises to enable dark mode for simple design websites. However, we determined that pick dark operates as a browser hijacker and promotes the getsins.com fake
T1000 is ransomware that our team has discovered during the analysis of malware samples submitted to VirusTotal. The purpose of ransomware is to encrypt files and demand a ransom. We found that T1000 renames encrypted files by appending the ".T1000" extension to filenames. For example, it renames
Get Icons is a browser extension that supposedly allows users to download various icons. Our research team discovered this piece of software while inspecting deceptive download webpages. After analyzing Get Icons, we determined that it operates as advertising-supported software (adware). O
Our team discovered the application named ViewFont while checking VirusTotal for recently submitted samples. We found that the purpose of this app is to generate advertisements. ViewFont is an adware-type app that bombards users with unwanted/annoying advertisements. Usually, adware is promoted
Qbaa is a piece of malicious software belonging to the Djvu ransomware family. Our researchers discovered a sample of this ransomware on VirusTotal. After analyzing it, we found that this malicious program encrypts files and appends their filenames with the ".qbaa" extension. For example, a file
Our team has discovered the Fopa ransomware (which is part of the Djvu family) while examining malware samples submitted to VirusTotal. The purpose of Fopa is to encrypt files. Also, it renames all encrypted files by appending the ".Fopa" extension and creates the "_readme.txt" file containing con
We detected the reL ransomware variant (which belongs to the Dharma ransomware family) while checking the samples submitted to VirusTotal. We found that reL encrypts files and appends the victim's ID, release@techmail.info email address, and the ".reL" extension to filenames. Also, it displays a p
Protecthub[.]xyz displays deceptive content to fraudulently promote legitimate software and asks for permission to show notifications. Additionally, it might be designed to redirect visitors to other shady websites. Our team has discovered protecthub[.]xyz while examining sites that use rogue adve
Data Shield for Chrome is a browser hijacker designed to promote search.wiseghostapp.com - a fake search engine. It hijacks a web browser by changing its settings. Our malware researchers have found Data Shield for Chrome on a deceptive website promoted via other sites that use questionable advert