We have inspected the website vote-ethfi[.]app and found that it imitates the official ether.fi platform, presenting a fake "$ETHFI Rewards Allocation Proposal" governance vote. The page is designed to trick visitors into connecting their cryptocurrency wallets, which can lead to the theft of digi
We have inspected the website reward-kinetiq[.]xyz and found that it impersonates Kinetiq, a liquid staking platform, by promoting a fake voting rewards proposal. It is designed to trick visitors into connecting their cryptocurrency wallets, which can result in financial losses. IMPORTANT NO
Our researchers discovered the Search Toggler browser hijacker while reviewing extensions promoted through their own dedicated websites. Despite its description promising an easier way to switch between search engines, Search Toggler quietly reassigns the browser's search settings to searchtoggler
Our researchers inspected the View Menu with Prices browser extension and found that it carries the traits of a browser hijacker. Once installed, it quietly changes the browser's default search engine to viewmenuprices.com. View Menu with Prices is presented as a handy way to look up restaurant m
Our research team discovered the Great Start - Homepage browser hijacker while inspecting extensions distributed through the Chrome Web Store. Despite its harmless-sounding name, this extension changes browser settings to promote greatstartapp.com, a page connected to a fake search engine. Great
Our researchers found My Focal Find while analyzing a rogue installation setup and noticed that it has the traits of a browser hijacker. Once added to a browser, this extension changes its settings to promote myfocalfind.com, a fake search engine. This article explains what My Focal Find does, ho
Our researchers came across the Earth 3D browser hijacker while reviewing extensions that modify browser search settings. Earth 3D changes the browser's homepage, new tab page, and default search engine to earth3d.net. The extension is promoted as a tool for viewing 3D satellite imagery directly
Wanderlustar is a browser extension that we inspected and found to have the traits of a browser hijacker. It is marketed as a travel-themed new tab tool that displays scenic photos and lets users search the web. Once added to the browser, however, it changes search and new tab settings to wanderlu
Our researchers inspected the Earth browser extension, available on the Chrome Web Store, and found that it has the traits of a browser hijacker. Although it is marketed as a tool for viewing satellite imagery, adding it to the browser changes the default search engine to earthapp.net, a page that
Our researchers tested the Nautilus Notes Chrome extension and found that it has the traits of a browser hijacker. While it presents itself as a sticky-note tool for the new tab page, installing it changes browser settings to promote under-cover.info, an address also pushed by other similar extens