While inspecting deceptive websites, our research team found the "BlockChain" scam. It operates as a phishing scam. This scheme attempts to obtain victims' BlockChain cryptocurrency wallet log-in credentials. When we accessed a site promoting the "BlockChain" scam, it appeared nearly ident
After analyzing the "336 Parts B.V." email, we determined that it is spam. This email concerns a fake invoice to view which - recipients are asked to log in again using their email account. However, the sign-in page is a phishing website designed to record the information provided to it. Therefor
Our team has examined this email and discovered that the cybercriminals behind it aim to trick recipients into opening the attached file. They pretend to be a company called "DUY THANH EXPORT & IMPORT CO .LTD" and claim that the file attached to this email is a purchase order. That file is mal
Spark is the name of ransomware discovered by MalwareHunterTeam. It is a type of malware that encrypts files to make them inaccessible until victims decrypt them with a tool purchased from the attackers. Also, it appends the ".Spark" extension to filenames and displays a pop-up window containing a
During a routine inspection of dubious webpages, our research team discovered the scanoclean[.]com site. It is designed to promote deceptive material, push browser notification spam, and redirect visitors to different (likely questionable/malicious) websites. Most users access such pages via redir
"SYSTEM NOTIFICATION" is the name of an email spam campaign. We found two practically identical variants of these emails. Both operate as phishing scams; they attempt to trick recipients into disclosing their email account log-in credentials by claiming that several messages have not reached the i
While inspecting deceptive websites, we discovered the devicespam-shield[.]com rogue page. It promotes scams, pushes spam browser notifications, and redirects visitors to other (likely untrustworthy/malicious) sites. Users typically enter such pages via others that use rogue advertising networks.
Clear Search is a rogue browser extension. After analyzing this piece of software, we learned that it is a browser hijacker. Clear Search operates by modifying browser settings to cause redirects to the clear-search.com fake search engine. When we installed Clear Search on our test system,
After downloading and installing the SearcheeBoo! application, we learned that it is designed to hijack web browsers. This application forces users to browse the web with a fake search engine (searcheeboo.com). It promotes searcheeboo.com by changing the settings of a web browser. Searchee
ProgressionLegion is a rogue app that our researchers found while inspecting new submissions to VirusTotal. After analyzing this piece of software, we determined that it operates as adware and belongs to the AdLoad malware family. Adware-delivered advertisements promote untrustworthy/har