Movieholic is the name of a rogue browser extension that promises easy access to film streaming websites. After inspecting this piece of software, we determined that it operates as adware. In other words, Movieholic runs intrusive advertisement campaigns, and it has data tracking functionalities.
After analyzing this scam, we learned that it is a survey scam designed to trick unsuspecting visitors into participating in a fake survey to win a prize. The page running this scam is disguised as the official T-Mobile page. Websites of this kind can never be trusted - no one ever receives any pr
While inspecting dubious download websites, our researchers discovered the Nino Colors rogue browser extension. It is promoted as a tool capable of changing webpage background colors. However, our analysis of this extension revealed that it operates as adware instead. Advertising-supported
Salletsilvully[.]com is a deceptive website designed to trick visitors into allowing it to show notifications. Our team discovered it while inspecting other sites that use rogue advertising networks (various illegal streaming, torrent, adult, and similar sites). Another problem with Salletsilvully
Mscreviews[.]com is a rogue webpage that our researchers discovered while checking out dubious sites. This page promotes browser notification spam with the use of fake CAPTCHA verification. Additionally, it can redirect users to other (likely untrustworthy/dangerous) websites. Most users enter ms
AndreiHelp is ransomware belonging to the Spora ransomware family. We discovered it while checking the VirusTotal page for recently submitted malware samples. The purpose of AndreiHelp ransomware is to encrypt files. In addition to encrypting files, it renames them and drops the "Read_Me!_.txt" fi
While inspecting new submissions to VirusTotal, our researchers found the OutlookWade application. After analyzing this app, we determined that it operates as adware and belongs to the AdLoad malware family. Advertising-supported software (adware) runs intrusive advertisement campaigns.
While examining advtreviews[.]com, our team found that it is one of the many untrustworthy pages designed to lure visitors into agreeing to receive notifications. Also, advtreviews[.]com can redirect visitors to another (virtually identical) website. We encountered this site while inspecting other
After inspecting this "Trust Wallet" email, we determined that it is spam that operates as a phishing scam. Letters of this spam campaign are presented as alerts regarding the imminent suspension of recipients' "Trust Wallets" - to prevent which the log-in credentials have to be re-verified. It m
While analyzing malware samples submitted to VirusTotal, our team discovered ransomware belonging to the Djvu family called Qqri. It encrypts files and renames them by appending the ".qqri" extension to their filenames. Also, Qqri drops the "_readme.txt" file (a text file containing a ransom note)