Little-Light is a program (a browser extension) we found while analyzing deceptive pages. It is advertised as an app that can display any page in dark mode. After downloading and installing the app, we discovered that it generates advertisements. Thus, we concluded that Little-Light is an advertis
TeamBot is the name of a malicious program that operates as a dropper. Malware of this type is designed to cause chain infections, i.e., download/install additional malicious programs/components. TeamBot has been observed dropping various information-stealing programs into compromised systems. Ch
Computeradshub[.]com is a website designed to trick visitors into agreeing to receive its notifications. Also, it can redirect visitors to other (similar) pages. Our team has discovered computeradshub[.]com while analyzing pages that use rogue advertising networks. Computeradshub[.]com dis
Our team has discovered an application named AdvancedControl while inspecting a deceptive page offering to update the Adobe Flash Player. After installing and examining AdvancedControl, we found that this app operates as adware - it displays unwanted/intrusive advertisements. Clicking on
Fast PDF Reader is a rogue browser extension that our researchers discovered while inspecting deceptive download webpages. This piece of software is promoted as a free file reader capable of opening PDF, DOC, XLS, and PPT formats. After analyzing Fast PDF Reader, we determined that it is adware.
While inspecting deceptive websites, our researchers discovered the "BlockAll - block ads" browser extension. Its promotional material endorses this extension as an ad-blocking tool (adblocker). After analyzing "BlockAll - block ads", we determined that it operates as advertising-supported softwar
Onlineportalsite[.]com is a deceptive website that runs the "McAfee - Your PC is infected with 5 viruses!" scam. Also, it asks for permission to show notifications. Typically, websites like onlineportalsite[.]com are promoted using questionable methods. Our team has discovered this page while insp
While inspecting untrustworthy sites, our research team found the aytonus[.]com deceptive webpage. This website is designed to load scams and redirect visitors to other (likely unreliable/malicious) pages. Most users enter webpages like aytonus[.]com via redirects caused by sites using rogue ad
During a routine inspection of untrustworthy websites, our researchers found the news-gocuco[.]cc rogue site. It operates by promoting deceptive content, pushing browser notification spam, and redirecting visitors to different (likely unreliable/malicious) pages. Most users enter them via redirect
VistaQuantum is a rogue application that we discovered while inspecting new submissions to VirusTotal. Our analysis of this piece of software revealed that it operates as adware. Additionally, VistaQuantum belongs to the AdLoad malware family. Adware enables the placement of third-party