Goldoson is an Android malware that compiles a list of installed applications and records the history of Wi-Fi and Bluetooth devices, including GPS locations in close proximity. Additionally, the software includes a feature that allows it to engage in ad fraud by clicking on ads in the background
While investigating deceptive web pages (including sites that offer updates for supposedly outdated software), our team came across LauncherProgress, an application we deemed questionable. Once installed, LauncherProgress began displaying unwanted advertisements, leading us to classify it as adw
Upon analyzing the Infinity V+ New Tab browser extension, we discovered that it takes control of a web browser by altering its settings. The intended function of Infinity V+ New Tab is to promote trovi.com, which is a fake search engine. It is important to note that users rarely purposefully downl
Our team identified the Coza ransomware, which belongs to the Djvu family, while examining samples on VirusTotal. This malware encrypts data and modifies the names of affected files by adding the ".coza" extension. Once the encryption process is finished, a ransom note is left behind in the form o
After examining the NanoAccess application, we discovered that it displays intrusive advertisements. Consequently, we have categorized NanoAccess as adware, which is often distributed through dubious and misleading methods. As a result, unsuspecting users can unintentionally download and install
Our discovery revealed that the Unitab World Clock is a browser extension that takes control of web browsers (hijacks them) to promote search.unitab.me. This website is a fake search engine that does not produce its own search results. Browser hijackers are commonly downloaded and installed by use
After examining this email, our team concluded that it is a fraudulent email that masquerades as a letter from the assistant secretary general of the United Nations. Scammers behind it attempt to lure recipients into providing sensitive information or transferring money. Thus, recipients should ig
During our assessment of the MetroToken application, our team observed that it exhibits intrusive ads. As a result, we classified it as adware or software that supports advertising. Adware is typically installed unintentionally by users. Our detection of MetroToken occurred while examining decep
Upon testing the Sports Madness browser extension, we learned it is a browser hijacker promoting sportmadness.info, a fake search engine. Sports Madness hijacks web browsers by changing their settings. Usually, users download and add browser-hijacking apps inadvertently. Sports Madness is
Pwpdvl is ransomware that our team discovered while checking the VirusTotal site for recently submitted samples. Upon investigating Pwpdvl, we found that it encrypts files, appends the victim's ID and ".pwpdvl" extension to filenames, and creates a ransom note ("RESTORE_FILES_INFO.txt" file). An