LokiLok is a piece of malicious software classified as ransomware, which our researchers discovered while inspecting new submissions to VirusTotal. After analyzing LokiLok, we determined that it is based on a ransomware-type program called Chaos. Once launched onto our test machine, LokiLok encry
Star-search.xyz is a fake search engine that shows results generated by Bing. It does not generate any unique search results. Typically, fake search engines are promoted through browser hijackers. Most apps of this type are promoted/distributed using questionable methods. We have discovered star-s
Posttrendingblog[.]com is one of the many websites designed to trick visitors into allowing them to show notifications. Like most pages of this type, posttrendingblog[.]com displays deceptive contents. It also can redirect visitors to other websites of this kind. We have discovered posttrendingblo
ZipSome is an adware-type application that we discovered during a routine inspection of new VirusTotal detections. We learned that this app runs intrusive advertisement campaigns (i.e., display) ads. Furthermore, we determined that ZipSome belongs to the AdLoad malware family. Adware-del
We have discovered the TopConverterSearch application while inspecting various shady websites. After downloading and installing it, we found that it is a browser hijacker designed to promote topconvertersearch.com (a fake search engine). TopConverterSearch hijacks a web browser by modifying its se
Our inspection of the "SECRETO PROFESIONAL Y CONFIDENCIAL" email revealed that it is spam used to proliferate malware. This letter is in Spanish and claims to contain highly confidential information in the attachment (although it does not specify further). This email is designed to trick recipien
Hachiman is screen-locking ransomware that locks the screen (operates as a screen locker) and displays a ransom note explaining how to unlock the screen. Hachiman was discovered by Karsten Hahn. It is worth mentioning that Hachiman does not encrypt any files. Screenshot of the ransom note disp
ProcessorProgression is an application that our research team found while looking through new submissions on VirusTotal. Following our inspection of this app, we determined that it operates as advertising-supported software (adware) and belongs to the AdLoad malware family. Adware is des
TheADSBlockSearch is a browser hijacker that promotes theadsblocksearch.com - a fake search engine. This application hijacks a web browser by changing its certain settings. Typically, apps of this type are promoted (and distributed) using shady methods. Thus, users download and install them inadve
Placebonusextra[.]com is a rogue webpage that our researchers discovered while inspecting questionable sites. This page is designed to promote deceptive material, push browser notification spam, and redirect visitors to other (likely untrustworthy/malicious) websites. Most users enter webpages li