While inspecting new submissions to VirusTotal, our research team found the HORSEMAGYAR ransomware. We executed a sample of this malware on our test machine and learned that it encrypts data and renames the affected files. The filenames were altered according to this pattern - "[original_filename
Freshyearmarts[.]shop is an untrustworthy page that runs a T-Mobile scam and asks for permission to show notifications. Our team has discovered this site while examining other pages of this kind (pages that use rogue advertising networks). Freshyearmarts[.]shop cannot be trusted and should never h
While examining the turnon-yourprotect[.]site page, we found that it runs the "McAfee - Your PC is infected with 5 viruses!" scam and asks for permission to show untrustworthy notifications. We discovered this page during inspection of other shady pages that use rogue advertising networks.
Ehehehx12 is the name of ransomware that our team has discovered while examining malware samples submitted to the VirusTotal website. The purpose of Ehehehx12 is to encrypt files. Additionally, it renames files (by appending the ".Ehehehx12" extension to filenames) and creates the "HELP_DECRYPT_YO
Websecurityprograms[.]com is a rogue webpage that our research team discovered while inspecting untrustworthy sites. This page operates by hosting scams, promoting browser notification spam, and redirecting visitors to different (likely unreliable/malicious) websites. Users typically enter pages
Research Alts is the name of a rogue browser extension that our researchers found while inspecting dubious download websites. It is endorsed as a tool capable of providing additional search results when a site is down (unavailable) - specifically within the realm of interest for students and resea
Trins is the name of a ransomware-type program that our research team discovered while looking through new submissions to VirusTotal. We executed a sample of this ransomware on our test machine and learned that it encrypts files and appends their filenames with a ".trins" extension. For example,
Pcdefencerequired[.]com shows deceptive content to trick visitors into believing that their computers are infected. Also, this page asks for permission to show untrustworthy notifications. Our team discovered pcdefencerequired[.]com while examining websites that use questionable advertising networ
During a routine inspection of rogue webpages, our researchers discovered the playgamego[.]xyz rogue site. It is designed to promote browser notification spam and redirect visitors to other (likely untrustworthy/harmful) websites. Most users access sites like playgamego[.]xyz through redirects cau
News-voxodo[.]cc is a deceptive website that we have discovered while examining other pages that use rogue advertising networks. After inspecting this page, we found that it displays deceptive content to trick visitors into agreeing to receive notifications. Also, it redirects to another shady web