SoftwareSkillMatrix is a rogue application that we discovered while investigating new submissions to the VirusTotal website. Our analysis revealed that it is advertising-supported software (adware). SoftwareSkillMatrix is part of the AdLoad malware family. Adware is designed to run intru
An examination of Converter Tab showed that this app operates as a browser hijacker. It takes control over a web browser by changing its settings. The purpose of Converter Tab is to promote convertertab.com, which is a fake search engine. It is advisable for users to exercise caution and avoid app
Forest New Tab is an extension that promises to display forest-themed browser wallpapers. After inspecting this piece of software, we determined that it is a browser hijacker. Forest New Tab makes changes to browser settings in order to endorse (via redirects) the ysrc2u.com illegitimate search en
Enmity is ransomware designed to encrypt data, modify the filenames of all encrypted files, and leave a ransom note (a file named "Enmity-Unlock-Guide.txt"). Enmity replaces filenames with a random string, email address, victim's ID, and a random extension. For instance, it renames "1.jpg" to "YG
Beautiful Beach Tab is a rogue browser extension. It modifies browser settings in order to promote (via redirects) the beautifulbeachtab.com fake search engine. Due to this behavior, Beautiful Beach Tab is classified as browser-hijacking software. On our test machine, Beautiful Beach Tab a
Our researchers found the Hyj ransomware while reviewing new submissions to the VirusTotal website. This malicious program belongs to the Xorist ransomware family. Hyj encrypts data and demands payment for its decryption. After we launched a sample of this ransomware on our test machine, it encry
LoniceraCaprifolium is a browser extension that has attracted attention during an investigation into a harmful installer found on a dubious website. This browser extension exhibits several significant functionalities, some of which have induced apprehension regarding user privacy and browser secur
Wandsservices[.]com is a website designed to display a deceptive message to trick visitors into allowing it to show notifications. This site was discovered while inspecting pages associated with rogue advertising networks. It is uncommon for sites like wandsservices[.]com to be visited on purpose.
After examination, it has been determined that this email constitutes a phishing scam. The perpetrators behind this fraudulent campaign intend to deceive recipients into disclosing sensitive information on a deceptive website. Consequently, it is highly advised to disregard and refrain from respon
PepeCry is ransomware discovered during an analysis of samples uploaded to the VirusTotal website. PepeCry is designed to encrypt files (which makes them inaccessible), add the ".cry" extension to filenames, and display a ransom note. An example of how PepeCry modifies filenames: it renames "1.jpg