We have discovered the defender-scanner[.]com website while examining various illegal streaming, torrent, and similar sites that use questionable advertising networks. We learned that defender-scanner[.]com is a deceptive website used to collect illegitimate commissions. It also asks for permissio
Putinwillburninhell is ransomware that was discovered by MalwareHunterTeam. This piece of malware encrypts files and appends the ".putinwillburninhell" extension to their filenames. For instance, it renames "1.jpg" to "1.jpg.putinwillburninhell", "2.png" to "2.png.putinwillburninhell". Also, it cr
News-cihumo[.]cc is a rogue website our researchers discovered while inspecting untrustworthy sites. This page operates by loading questionable content, pushing browser notification spam, and redirecting visitors to other (likely unreliable and harmful) websites. Most users enter webpages like new
Our researchers discovered the cleanHistory browser extension while inspecting dubious download webpages. Following our analysis, we learned that this piece of software operates as a browser hijacker. It modifies browser settings in order to promote the cleanhistory.xyz fake search engine. Additio
MyZen Tab is a browser extension that our researchers discovered while inspecting dubious download webpages. In vague terms, MyZen Tab's promotional material describes it as a new browser tab customization tool. After analyzing this piece of software, we determined that it operates as a browser hi
"HTML/Phishing" refers to HTML-based content primarily used for phishing. HTML stands for HyperText Markup Language - a language for content designed to be displayed on a Web browser. Phishing is a scam in which victims are tricked into disclosing sensitive information. However, material classifie
HyperText Markup Language (HTML) is a content language for Internet browser display. Hence, "HTML/Fraud" refers to HTML-based content used for fraudulent purposes. Additionally, "HTML/Fraud" or similar variations are used by some anti-virus programs as detection names. This term encompasses a wid
Our team has discovered this scam while examining reported online scams (this one was first reported by Mich). We learned that scammers behind it attempt to steal cryptocurrency wallets (obtain login credentials used to access them). They promote this scam by wriging private messages on Discord (a
Pandora (a rebranded version of Rook ransomware) is the name of ransomware that was discovered by MalwareHunterTeam. After analyzing the sample submitted to VirusTotal, our malware researchers found that Pandora encrypts files and appends ".pandora" extension to filenames. It provides a ransom not
JS/Agent Trojan is a detection name for malicious JavaScript files. Typically, such files (malicious codes) are distributed by injecting them into legitimate websites. Computers get infected after a malicious (or legitimate but compromised) website is visited, and a malicious file is dropped.