Check-the-article[.]com is a deceptive page that we have found while inspecting other pages of this kind (illegal movie streaming pages, torrent sites, and similar). It displays deceptive content to trick visitors into allowing it to show notifications. Also, it redirects visitors to other untrust
LaunchHistoryResults is the name of an application that our team has discovered while visiting deceptive websites (e.g., pages offering to download fake updates for the Adobe Flash Player). After downloading and installing the app, we found that it functions as adware - LaunchHistoryResults gene
While inspecting untrustworthy websites, our researchers discovered the freesamplesprousa[.]com webpage. It operates by hosting deceptive material (scams), pushing browser notification spam, and redirecting visitors to different (likely unreliable/malicious) sites. Most users enter freesamplespro
Freeadvreviews[.]com is a rogue page that our researchers found while inspecting dubious websites. It promotes browser notification spam by using fake CAPTCHA verification. Additionally, this site can redirect visitors to other (likely unreliable/malicious) webpages. Most users enter websites lik
Mal is ransomware that belongs to the Xorist ransomware family. We have discovered this variant while analyzing the malware samples submitted to VirusTotal. Mal encrypts files and appends the ".Mal" extension to their filenames. It displays its ransom note in an error window and on a black screen.
Flowvideo[.]ru is a rogue page that we discovered while inspecting untrustworthy websites. This webpage is designed to promote spam browser notifications and lead visitors to other (likely dubious/malicious) sites. Most users enter rogue webpages via redirects caused by sites using rogue advertis
While inspecting submissions to VirusTotal, we discovered the Mine malicious program that belongs to the Djvu ransomware family. Programs within this malware classification are designed to encrypt data and demand payment for the decryption. We launched a sample of Mine on our test machine, and it
We have examined the mous0[.]biz page and learned that it uses a clickbait technique to trick visitors into agreeing to receive its notifications. Moreover, it redirects visitors to an identical page. Our team has discovered mous0[.]biz while examining other pages that use rogue advertising networ
Protectionsrequired[.]com is one of the many deceptive websites designed to trick visitors into believing that their computers are infected. Protectionsrequired[.]com promotes McAfee antivirus - a legitimate software. This page is operated by affiliates who aim to collect illegitimate commissions
Stealerium is the name of an information stealer written in the C# programming language. It sends logs (stolen information) to a Discord channel controlled by the attackers using a webhook. Stealerium malware can extract data, log keystrokes, capture screenshots, and hijack the clipboard.