Bloom is a piece of advertising-supported software (adware), which our research team discovered while inspecting shady download pages. We have also noted that this application is practically identical to Tone adware. Once installed onto our test machine, Bloom began displaying advertisemen
XRED is ransomware that encrypts files (makes them unusable), creates the "read_it.txt" file, changes the desktop wallpaper, and appends four random characters to filenames. Our malware researchers have discovered this ransomware while examining the samples submitted to VirusTotal. An example of
Plus Darker is a browser extension advertised as a tool capable of enabling dark mode for simple websites. We have determined that this piece of software operates as a browser hijacker. Plus Darker changes browser settings to promote the getsins.com fake search engine, and it spies on users' brows
DIKE is ransomware that cybercriminals use to blackmail victims. It encrypts files and generates "info.hta" and "info.txt" files that contain ransom notes. We have discovered DIKE while checking VirusTotal for submitted malware samples. It was found that DIKE is part of the Phobos ransomware famil
Discovered by our researchers while inspecting untrustworthy websites, allowww[.]com is a rogue webpage. It operates by promoting browser notification spam and redirecting visitors to unreliable/malicious sites. Most users enter allowww[.]com and similar websites inadvertently. Users can access t
Next-message[.]com is an untrustworthy website designed to trick visitors into allowing it to show notifications. It uses a clickbait technique/displays deceptive content to get that permission. Our team has discovered next-message[.]com while inspecting pages that use rogue advertising networks.
Our team has analyzed this email and found that it is disguised as a letter from the email service provider. It contains a hyperlink that opens a phishing website asking to provide login credentials. The purpose of this phishing email is to trick recipients into providing their email account passw
Yoursecuresoft[.]com is a rogue website that promotes deceptive material, pushes browser notification spam, and redirects visitors to other unreliable/malicious sites. Our research team found this page while inspecting shady websites. Most users access yoursecuresoft[.]com and similar webpages vi
Discovered by our research team while inspecting new malware submissions on VirusTotal, 1k3pl is a piece of malicious software categorized as ransomware. After being executed on our test system, 1k3pl began encrypting files and renaming them by appending the filenames with a random character stri
S-400 is the name of a Remote Access Trojan (RAT) that our research team found while inspecting new malware submissions to VirusTotal. Trojans of this type enable stealthy remote access and control over infected devices. RATs typically have a broad range of functionalities that allow them to perfo