While examining websites that use rogue advertising networks, we came across whatchnow[.]xyz - a page designed to trick visitors into allowing it to show notifications. There are numerous similar pages on the Internet. None of them can be trusted/should be allowed to show notifications. Wh
During a routine inspection of untrustworthy sites, our researchers discovered jubsaugn.com. This rogue webpage promotes spam browser notifications by attempting to trick visitors into allowing their delivery. Additionally, this website can redirect users elsewhere, likely dubious/malicious pages.
While checking the VirusTotal page for recently submitted malware samples, we came across Kriptor - ransomware that encrypts files. We also found that Kriptor appends ".Kriptor" extension to filenames, changes the desktop wallpaper, and drops the "read_it.txt" file (a ransom note) on a desktop. A
Our researchers discovered the MotivePrime rogue application while inspecting new submissions to VirusTotal. After analyzing this piece of software, we determined that MotivePrime operates as adware and is part of the AdLoad malware family. Adware is designed to deliver intrusive adverti
After examining the notiftravel[.]com page, we learned that it displays deceptive content (uses a clickbait technique) to trick visitors into agreeing to receive notifications. Also, this page redirects visitors to another page of this type. We discovered notiftravel[.]com while analyzing sites th
While inspecting questionable pages that use rogue advertising networks, we found tools-basket[.]com - a page that wants to show notifications, displays deceptive content and promotes suspicious apps. After examining numerous pages similar to tools-basket[.]com we learned that none of them are tru
Our researchers found the BasicEngine rogue application while inspecting new submissions to VirusTotal. After analyzing this app, we determined that it works as advertising-supported software (adware) and is part of the AdLoad malware family. Advertising-supported software displays ads o
While inspecting untrustworthy websites, we discovered the aughableleade[.]xyz rogue page. It promotes browser notification spam and redirects users to other (likely unreliable/harmful) webpages. Most users access aughableleade[.]xyz and sites akin to it - through redirects caused by webpages usin
SkyWebProcess is a rogue application that our researchers found while inspecting new submissions to VirusTotal. After analyzing this app, we determined that SkyWebProcess operates as adware and belongs to the AdLoad malware family. It is noteworthy that adware may require specific condit
Our research team found the UnitySquad application during a routine checkup of new submissions to VirusTotal. After inspecting this app, we learned that it operates as advertising-supported software (adware). Additionally, we determined that UnitySquad belongs to the AdLoad malware family.