While testing searchoverus.com, we learned that it is a shady search engine. It generates questionable search results and shows advertisements. Typically, search engines of this kind are promoted via apps that hijack web browsers by changing their settings. Most users add browser hijackers to brow
Lol is ransomware that blocks access to data by encrypting it. In addition to encrypting files, it appends the ".lol" extension to filenames and creates the "Message.txt" file containing a ransom note. Our team discovered Lol ransomware while inspecting malware samples submitted to VirusTotal. An
Totalwebdefence[.]com is a rogue page that our researchers discovered while inspecting dubious websites. This webpage runs online scams, promotes browser notification spam, and redirects visitors to different (likely untrustworthy/harmful) sites. Most users enter pages like totalwebdefence[.]com
Our researchers discovered the Saving Files browser extension while inspecting dubious software promoting websites. This piece of software is promoted as a download management tool. However, our analysis revealed that Saving Files operates as adware instead. Adware stands for advertising-s
"Ads Blocker" (appeared as "Ads Blocker V16.1" on our testing machine) is a piece of malicious software targeting Android Operating Systems (OSes). This malware is capable of hijacking the device's calendar and overlaying browsers. "Ads Blocker" aims to promote a wide variety of rogue, scam, and m
Summer Locker is ransomware that prevents victims from using their files by encrypting them. Also, it appends the ".summer" extension to filenames. Summer Locker provides two ransom notes: one of them is displayed in a pop-up window and the second one is in the "___RECOVER__FILES__.summer.txt" fil
Week-tale[.]xyz is a deceptive website designed to lure visitors into granting it permission to show notifications. Also, it can redirect to a scam website (and possibly other untrustworthy pages). Our team discovered week-tale[.]xyz while examining illegal movie streaming pages, torrent sites, an
LinkRoot is the name of a rogue application that our researchers discovered while investigating new submissions to VirusTotal. After inspecting this piece of software, we learned that it operates as adware. Additionally, LinkRoot belongs to the AdLoad malware family. Adware is designed t
While testing UnitDisplay, we found that it is an advertising-supported application that shows annoying (intrusive) advertisements. In addition to displaying ads, UnitDisplay may be capable of gathering information. We discovered this app after downloading a fake installer from a deceptive websi
While inspecting new malware submissions to VirusTotal, our researchers discovered the HORNET ransomware. It is designed to encrypt data and make ransom demands for decryption. After we executed a sample of HORNET on our test machine, it began encrypting files and displayed a fake Windows OS upda