We have tested the Quick-Search Default Search application and learned that its main purpose is to promote a fake search engine. Moreover, it promotes a fake search engine (quick-search.xyz) by hijacking a web browser. It changes the settings of a web browser and keeps them unchangeable while it i
It is a pop-up scam displayed by an untrustworthy website that we have discovered while examining other shady sites (and ads on them). This scam site displays a pop-up disguised as a security warning from McAfee. It is designed to deceptively promote legitimate antivirus software. A pop-up
Adsafesafarifix[.]com is an untrustworthy website promoting various scams. When we inspected this page, it ran "APPLE SECURITY BREACH" - but it might run other scams as well. Users typically access deceptive webpages like adsafesafarifix[.]com inadvertently. Most enter them through mistyped URL
Real Dark is yet another rogue browser extension promising to create a dark mode for websites. Our researchers discovered this piece of software while inspecting dubious download sites. After analyzing Real Dark, we determined that it operates as advertising-supported software (adware). Ad
Jakeview[.]ru is a rogue webpage that pushes browser notification spam. It can also redirect visitors to other websites, which are mostly untrustworthy and harmful. Most visitors enter jakeview[.]ru and sites of its type via redirects caused by pages using rogue advertising networks, spam notific
We discovered the Key board application on a deceptive website offering to add a "recommended" extension. Once added, it changed certain settings of the browser to keysearchs.com. Thus, we concluded that Key board is a typical browser hijacker designed to promote a fake search engine. Duri
We have tested the ProTabs New Tab application/browser extension and found that it operates as a browser hijacker. It changes the settings of a web browser and does not allow to modify them. The purpose of changes that ProTabs New Tab makes in settings is to promote a fake search engine, the prota
Our researcher discovered the Monochrome Tab browser extension while inspecting dubious download pages. This piece of software is advertised vaguely as a "work optimization" and "productivity maximizing" tool for browsers - without any specific features listed. Instead, this extension hijacks bro
xSpace is the name of ransomware that belongs to the VoidCrypt ransomware family. We have discovered this ransomware variant while analyzing the samples submitted to VirusTotal. After examining the sample, we learned that xSpace encrypts files and appends the victim's ID, HelpMe@mailfence.com emai
While inspecting new malware submissions to VirusTotal, our research team found a new ransomware belonging to the Makop family - called Raf. Once launched onto our test machine, Raf began encrypting files and appending their filenames with a unique ID, the attackers' email address, and a ".Raf" e