Our analysis of the "Windows Defender Subscription" email revealed that it is spam. This fake letter is presented as a notification regarding the purchase of a one-year subscription for the Windows Defender security software. It must be emphasized that this is a scam, and it is in no way associat
After examining imilroshoors[.]com, we learned that the purpose of this page is to trick visitors into agreeing to receive notifications and redirect them to other pages. We discovered imilroshoors[.]com while inspecting other pages (websites that use rogue advertising networks). Such pages do not
Captchastate[.]link is a rogue webpage that promotes browser notification spam and redirects visitors to other (likely dubious/malicious) sites. Our researchers found this page while inspecting websites that use rogue advertising networks. It is noteworthy that the redirects caused by such sites
Oiltraffic is ransomware that our team discovered while analyzing malware samples submitted to the VirusTotal website. We learned that Oiltraffic is part of the VoidCrypt family. It encrypts files, appends the victim's ID, lokilocker@tutanota.com email address, and ".Oiltraffic" extension to filen
AdjustableRotator is a rogue application that our researchers discovered during a routine investigation of new submissions to VirusTotal. Our analysis of this app revealed that it works as advertising-supported software (adware). We also determined that AdjustableRotator belongs to the AdLoad ma
After examining the VibeProfile application, we learned that it displays annoying advertisements and can read sensitive information. We found this app on a deceptive page claiming that some installed software is out of date. Apps that generate advertisements are classified as adware. In most cas
Cceo is ransomware. It encrypts files and appends the ".cceo" extension to filenames. Also, it creates the "_readme.txt" file that contains instructions on how to contact the attackers and some other details. Our malware researchers discovered Cceo while checking the VirusTotal page for recently s
Pushmestar[.]com is one of the deceptive web pages designed to display a fake CAPTCHA to trick visitors into agreeing to receive notifications from the page. Also, pushmestar[.]com redirects to a page with an identical design. We discovered this site while examining other websites that use rogue a
First-dating[.]top is a rogue page designed to trick visitors into allowing it to deliver browser notification spam. Furthermore, it can redirect visitors to other (likely untrustworthy/malicious) websites. Our research team found the first-dating[.]top webpage while inspecting sites that use rog
Our research team discovered ClearBrowser while inspecting dubious software-promoting websites. After installing this piece of software on our test machine, we learned that it is a rogue browser based on the Chromium open-source project. We also learned that ClearBrowser has adware and browser hi