While inspecting new submissions to VirusTotal, our researchers discovered the Joker ransomware. This malicious program is part of the VoidCrypt ransomware family. After we executed a sample of Joker on our test machine, it encrypted files and modified their filenames. Original titles were append
While inspecting suspicious software-promoting websites, our research team found an adware-type application called Mobile. This app is designed to run intrusive advertisement campaigns. Additionally, Mobile might have data tracking functionalities. Adware stands for advertising-supported s
While examining the UpSearches browser extension, we discovered that it is a browser hijacker that promotes upsearches.com - a fake search engine. It hijacks a web browser by changing its settings. Typically, users download and add browser-hijacking apps to browsers inadvertently. UpSearch
We discovered the Webpage Text Reader browser extension While inspecting a deceptive web page offering to update a browser. After downloading and adding Webpage Text Reader, we found that it generates annoying advertisements. Therefore, we classified this app as adware. Also, we learned that Webpa
Findhealthinfonow.com is the address of a fake search engine. Websites of this kind are typically promoted by software classified as browser hijackers. They modify browser settings in order to cause redirects to illegitimate search engines. Additionally, both these websites and the software promot
Winxvykljw is ransomware that encrypts files to make them inaccessible/unusable. Winxvykljw is part of the Snatch ransomware family. We discovered it while analyzing malware samples submitted to VirusTotal. We also found that Winxvykljw appends its extension (".winxvykljw") to filenames and create
ValueFlip is a piece of rogue software that our researchers found while inspecting new submissions to VirusTotal. Our analysis of this app revealed that it operates as adware and is part of the AdLoad malware family. ValueFlip runs intrusive advertisement campaigns and likely collects private da
Aamv is a ransomware-type program that our researchers found while investigating new submissions to VirusTotal. It is pertinent to mention that this malicious program belongs to the Djvu ransomware family. Once launched on our testing system, Aamv began encrypting files. It appended the names of
While examining malware samples submitted to the VirusTotal page, we found ransomware called Aayu. We learned that Aayu is part of the Djvu ransomware. The purpose of ransomware is to encrypt files. In addition to encrypting files, Aayu renames them (it appends ".aayu" extension to filenames) and
Harly is a piece of malicious software targeting Android operating systems. It is a type of toll fraud malware designed to stealthily subscribe victims to various premium-rate services. Harly is proliferated under the guise of various useful and innocuous-looking applications. As mentioned