We discovered Nnice during our routine inspection of malware samples submitted to VirusTotal. Upon analyzing Nnice, we concluded that it is ransomware designed to encrypt files. When infiltrated, Nnice not only encrypts files but also appends its extension (".nnice"). Additionally, the malware cha
Our analysis of excumord[.]com reveals that it uses clickbait to trick users into permitting it to send notifications. Once allowed, the site bombards users with fake warnings and similar notifications. As a result, users should avoid visiting excumord[.]com and never give it aby permissions.
Our team has inspected the email and concluded that it is a fake letter from Zoho disguised as a notification regarding the security of outgoing emails. The scammers behind this fraudulent email seek to deceive unsuspecting recipients into opening a fake web page (a phishing site) and entering per
We have analyzed aecroicited[.]com and found that it employs clickbait, a deceptive tactic, to obtain permission to show notifications. After gaining this access, the site floods users with false alerts and other misleading notifications. Consequently, users should avoid granting notification perm
Our researchers discovered the privacysearchapp.net website while investigating the Privacy Search browser extension. On our test machine, this piece of software modified browser settings and produced redirects landing on privacysearchapp.net. This behavior is reminiscent of browser hijackers.
After reading this "Validation Process For The SSL Certificate" email, we determined that it is spam. The message claims that the recipient's email account could not be validated. This lure drives recipients to visit a phishing website that targets account log-in credentials (passwords). T
Our examination of Linkmanager revealed it to be a suspicious application with adware-like behavior. After installation, it floods users with intrusive and misleading ads. Furthermore, based on our analysis, many security vendors have identified Linkmanager as a malicious program. Linkma
Our researchers discovered avastosgr[.]fun while investigating unreliable websites. After analyzing this rogue page, we learned that it promotes online scams and browser notification spam. Additionally, the webpage can redirect visitors elsewhere (likely untrustworthy/dangerous sites). The majori
Our examination of the Joas App revealed no discernible functionality. However, we found that it is delivered through dubious channels and is used to distribute Legion Loader (and is likely bundled with other unwanted software or other suspicious elements). Consequently, we have categorized the Jo
Our research team discovered EssentialOperation while inspecting new submissions to the VirusTotal website. After investigating this app, we learned that it is adware. EssentialOperation is part of the AdLoad malware family. Advertising-supported software generates revenue for its develo