"Removal From Server Has Been Approved And Initiated" is a spam email received and subsequently analyzed by our researchers. We have determined that it is a phishing scam targeting recipients' email account log-in credentials. The spam email is presented as an urgent warning from the recip
AccessibleSection is an untrustworthy application that our malware researchers have discovered while examining deceptive websites. Once installed, this application starts generating unwanted advertisements. AccessibleSection is typical adware. We have tested plenty of adware-type apps (v
We have discovered the To find result application on a shady website encouraging us to add an unspecified browser extension. After adding To find result to a browser, we have noticed that it changed its settings - it hijacked a browser to promote togosearching.com (a fake search engine). O
Johnquickhelper is a piece of malicious software categorized as ransomware, which our research team discovered while inspecting new submissions to VirusTotal. After analyzing Johnquickhelper, we determined that it encrypts files and renames them by appending an extension consisting of four random
We have discovered Ckae ransomware while checking samples submitted to VirusTotal. After analyzing the malware, we learned that it encrypts files, changes file extensions (by appending the ".ckae" extension), and generates a text file ("_readme.txt") containing a ransom note. We also found that C
We have discovered the Movieztab Default Search browser extension while examining questionable websites. After adding this app, we have noticed that it changed some of the settings to movieztab.com - a fake search engine. This led us to the conclusion that Movieztab Default Search is a browser hij
Film Links Now | Digital Content Online is a browser extension endorsed as a tool for easy access to movies and film-related content. After analyzing it, our researchers determined that this extension is a browser hijacker promoting the filmlinksnow.com fake search engine. After being inst
During a routine inspection of rogue websites, our research team discovered gr4phic-4rt[.]xyz - a page designed to host deceptive content, push browser notification spam, and redirect visitors to other untrustworthy/malicious sites. Most users enter webpages of this kind via redirects caused by si
Our malware researchers have discovered the Cantopen ransomware while checking the samples submitted to VirusTotal. After analyzing this ransomware, we have learned that it appends the ".cantopen" extension to filenames of all encrypted files and creates the "HELP_DECRYPT_YOUR_FILES.txt" text file
News-heceye[.]cc is a rogue website our researchers discovered while inspecting untrustworthy pages. This webpage is designed to load questionable material, promote browser notification spam, and redirect visitors to other unreliable/malicious sites. Most visitors to news-heceye[.]cc and similar