Donkeyf*cker is ransomware designed to encrypt files, modify filenames, and drop the "#HOW_TO_DECRYPT#.txt" file (a ransom note) on the desktop. We discovered this ransomware while examining malware samples submitted to the VirusTotal web page. Donkeyf*cker renames files by appending a string of
While examining the mysmarterdeals[.]shop page, we found that it is a deceptive website running a survey scam and asking for permission to deliver untrustworthy notifications. Also, it redirects visitors to other shady web pages. We discovered mysmarterdeals[.]shop while inspecting sites that use
While inspecting questionable software-promoting websites, our researchers discovered the Reduce-Light browser extension. This piece of software promises to enable dark mode for simple design webpages. However, our analysis revealed that Reduce-Light operates as adware instead. Advertising
Securityanalysisreport[.]com is a rogue webpage that our researchers discovered while inspecting dubious sites. This page operates by promoting deceptive content, pushing browser notification spam, and redirecting visitors to other (likely untrustworthy/malicious) websites. Users typically enter
Movieholic is the name of a rogue browser extension that promises easy access to film streaming websites. After inspecting this piece of software, we determined that it operates as adware. In other words, Movieholic runs intrusive advertisement campaigns, and it has data tracking functionalities.
After analyzing this scam, we learned that it is a survey scam designed to trick unsuspecting visitors into participating in a fake survey to win a prize. The page running this scam is disguised as the official T-Mobile page. Websites of this kind can never be trusted - no one ever receives any pr
While inspecting dubious download websites, our researchers discovered the Nino Colors rogue browser extension. It is promoted as a tool capable of changing webpage background colors. However, our analysis of this extension revealed that it operates as adware instead. Advertising-supported
Salletsilvully[.]com is a deceptive website designed to trick visitors into allowing it to show notifications. Our team discovered it while inspecting other sites that use rogue advertising networks (various illegal streaming, torrent, adult, and similar sites). Another problem with Salletsilvully
Mscreviews[.]com is a rogue webpage that our researchers discovered while checking out dubious sites. This page promotes browser notification spam with the use of fake CAPTCHA verification. Additionally, it can redirect users to other (likely untrustworthy/dangerous) websites. Most users enter ms
AndreiHelp is ransomware belonging to the Spora ransomware family. We discovered it while checking the VirusTotal page for recently submitted malware samples. The purpose of AndreiHelp ransomware is to encrypt files. In addition to encrypting files, it renames them and drops the "Read_Me!_.txt" fi