Our research team discovered the Protecto for Chrome unwanted extension while investigating suspicious websites. According to its promotional material, Protecto is a security tool that can protect users from phishing, scams, and spam, as well as remove malicious extensions that diminish the browsi
Total Safety for Chrome is promoted as a browser extension management tool capable of scanning them for malicious behavior. Instead of working as advertised, this unwanted extension can change browsers' operation/appearance and collect sensitive data. Numerous browser extensions have been
This extension misleadingly claims to be affiliated with DeepSeek AI, a well-known and reputable service, in an attempt to appear legitimate and trustworthy. It is designed to collect user-inputted data and transmit it to its developers. This creates a privacy concern, as malicious third parties c
Supessherse.co[.]in is a rogue page during a routine investigation of suspect websites. After examining this webpage, we determined that it promotes browser notification spam and produces redirects to different (likely unreliable/harmful sites. The majority of visitors to supessherse.co[.]in and
During our examination of MultSearch, we learned that it is an extension designed to hijack a web browser by changing its settings. The purpose of this hijacking is to promote oesrchrdr.com, a fake search engine. Users are advised not to trust browser hijackers and the associated search engines.
Our researchers discovered this "$TRUMP Token Distribution" scam while investigating suspicious websites. The fake page claims to be distributing Trump tokens. The goal of this scam is to trick users into exposing their digital wallets to a cryptocurrency drainer. IMPORTANT NOTE: We do not r
Our analysis of searchonsite.com has revealed that it is a fake search engine promoted through an unwanted browser extension (a browser hijacker) known as SearchOnSite. The site itself does not generate search results, and the extension associated with it appears to offer no real value to users. T
Numec is ransomware that our team has discovered while examining malware samples uploaded to the VirusTotal platform. This ransomware encrypts files and puts them in the "EncryptedFiles" folder on the victim's desktop. Also, Numec drops its ransom note ("GetFilesBack.txt") and appends the ".numec"
We have analyzed aceadepreltitip.co[.]in and found that it is an untrustworthy web page created to trick visitors into permitting it to deliver notifications to their devices. If aceadepreltitip.co[.]in is allowed to show notifications, it sends fake warnings and other deceptive messages.
During our analysis of naceling[.]com, we noticed that the site employs a misleading tactic to obtain permission to show notifications. If users agree to receive these notifications, naceling[.]com bombards them with fake alerts and other deceptive content. Thus, naceling[.]com should be avoided a