Retrorevivesearch.com is a fake search engine our researchers discovered while analyzing the Retro Revive browser hijacker. This extension is supposedly designed to create a retro aesthetic for new browser tabs. Browser hijackers promote these webpages by modifying browser settings. It is notewort
Recipio is promoted as a browser extension (or add-on) that helps users find recipes online by narrowing search results to cooking-related content, making it easier to discover meal ideas, detailed recipes, and step-by-step instructions without unrelated distractions. However, our analysis shows t
Desolator is a malicious program classed as ransomware. It is designed to encrypt files and demand payment for the decryption. After we executed a sample of Desolator on our test machine, it encrypted files and added a ".desolated" extension to their names. For example, a file originally named "1
We have analysed calenital.co[.]in and concluded that this is a deceptive website designed to obtain permission to show notifications through clickbait. Once allowed, calenital.co[.]in can bombard users with fake warnings and other messages designed to direct them to other untrustworthy sites and
We found that laracismas.co[.]in is designed to manipulate users into clicking “Allow” on a browser prompt that allows the site to show notifications. Once this permission is granted, the site sends misleading alerts and similar messages that can lead users to unsafe websites. Thus, laracismas.co[
Our inspection of the site (wallets.syncappfix[.]info) has shown that it is a deceptive web page designed to trick visitors into taking actions that would lead to the theft of personal details. Falling for this scam can cause monetary loss. Therefore, it is essential to thoroughly check cryptocurr
Our researchers discovered pphouse3[.]fun while investigating dubious websites. Upon examination, we determined that this rogue webpage promotes scams and browser notification spam. It can also redirect users to other (likely untrustworthy and/or dangerous) sites. Most visitors to pphouse3[.]fun
"Onyx Goliath Staking" imitates the Onyx blockchain platform (onyx.org). The fake page claims to allow users to migrate to the Goliath chain. This webpage promotes a cryptocurrency drainer that siphons funds from exposed digital wallets. It must be emphasized that this scam is not associated with
Our researchers discovered this "BlockchainDeFi" scam during a routine investigation of deceptive websites. This fraudulent webpage claims to be capable of syncing various cryptocurrency wallets to a secure dApp server. Instead of providing any of the promised services, "BlockchainDeFi" operates a
Noodlophile is the name of a stealer-type malware. It operates by extracting and exfiltrating sensitive information from infected devices and installed applications. Evidence suggests that the developer of this stealer is a Vietnamese-speaker. Noodlophile has been observed being offered for sale