While examining shady websites claiming that some installed software is out of date, we discovered an application called AuroraFit. After downloading and installing this app, we learned that it has no useful features and displays annoying advertisements. Thus, we concluded that AuroraFit functio
Oori is ransomware that belongs to the Djvu ransomware family. Our malware researchers discovered Oori while examining samples submitted to VirusTotal. We found that Oori encrypts files and appends its extension (".oori") to filenames. Also, it drops the "_readme.txt" file on the desktop (this fil
Ooxa is the name of ransomware we discovered while checking the VirusTotal site for recently submitted malware samples. Our team has found that Ooxa belongs to a ransomware family called Djvu. It is malware that encrypts files, modifies filenames (appends the ".ooxa" extension to them), and drops
Ptaimpeerte[.]com is a shady website we discovered while inspecting other pages of this kind (websites that use rogue advertising networks). Ptaimpeerte[.]com displays deceptive content to trick visitors into allowing it to show notifications. Also, it redirects visitors to a similar page.
While checking the VirusTotal page for recently submitted malware samples, our team discovered an OpenDocument malware. OpenDocument is a legitimate file format for Office Applications. Cybercriminals use a malicious OpenDocument file in their campaign to target Latin American hotels. They use it
Our research team discovered the adsandcomputer[.]com rogue page while inspecting untrustworthy sites. This webpage promotes spam browser notifications and redirects visitors to other (likely unreliable/harmful) websites. Users typically access such pages via redirects caused by sites using rogue
While inspecting new submissions to VirusTotal, our researchers discovered the NetCreative rogue app. After analyzing this piece of software, we determined that it operates as adware and belongs to the AdLoad malware family. Adware may require certain conditions to display advertisements
During a routine inspection of untrustworthy websites, our researchers found notifinfoback[.]com - yet another rogue webpage promoting browser notification spam. This site attempts to trick users into allowing it to deliver its notifications. Additionally, notifinfoback[.]com can cause redirects t
Our researchers discovered the extravideo[.]live rogue page while inspecting questionable websites. This webpage is designed to push browser notification spam and redirect visitors to other (likely untrustworthy/malicious) sites. Most users enter these webpages through redirects caused by pages us
Trusted-stream[.]life is one of the websites designed to trick visitors into allowing them to show notifications. Also, this page redirects visitors to other websites of this type. Typically, users do not open such pages on purpose. We discovered trusted-stream[.]life while visiting and examining