Eldritch is the name of a ransomware that our researchers found while investigating new malware submissions to the VirusTotal platform. This malicious program encrypts files and demands payment for their decryption. On our test system, Eldritch encrypted files and added a ".eldritch" extension to
Aphrobyte Plus is a potent Remote Access Trojan (RAT) that utilizes Discord as a communication channel to connect with the victim's computer. This adaptable Trojan boasts an extensive repertoire of 41 commands, offering over 60 features. Cybercriminals can acquire Aphrobyte Plus on hacker forums f
Following an assessment of GraphicsReviewScript, it has been established that its primary purpose is to inundate users with intrusive advertisements, clearly defining it as adware. It is crucial to emphasize that applications like GraphicsReviewScript are often unwittingly installed by users due
During the examination of a dubious installer obtained from an unreliable website, the PumaConcolor browser extension was encountered. The inquiry unveiled that this extension possesses suspicious characteristics. PumaConcolor has the ability to activate the "Managed by your organization" feature
After conducting an evaluation of HardDriveQueryWave, it has been determined that its main objective is to flood users with bothersome advertisements (that HardDriveQueryWave functions as adware). It is important to highlight that applications like HardDriveQueryWave are frequently unintentional
Following an assessment of KeySection, it has been established that its primary purpose is to inundate users with intrusive advertisements. KeySection operates as adware. It is crucial to emphasize that applications similar to KeySection are often installed by users unintentionally due to the me
Germantopsuper[.]pw is a rogue webpage promoting scams and spam browser notifications. Furthermore, it can redirect visitors to other (likely untrustworthy/hazardous) sites. Users primarily access pages of this kind via redirects caused by websites utilizing rogue advertising networks. Our resear
Our research team discovered the HostingValues rogue app while checking out new file submissions to the VirusTotal platform. After investigating this application, we learned that it is advertising-supported software (adware). Additionally, we determined that HostingValues is part of the AdLoad m
Our researchers found the TimeNow browser extension while investigating deceptive sites. This piece of software is promoted as an easy-access tool to world clocks, i.e., current time in different timezones. After analyzing TimeNow, we determined that it operates as a browser hijacker. The extensi
Our inspection of the "McAfee Has Successfully Renewed Your Membership" email revealed that it is spam. The email is presented as a notification from McAfee regarding membership renewal. This spam mail promotes a callback scam by deceiving users into calling a fake helpline to address or cancel th