We discovered this "METAMASK" scam while inspecting rogue websites. It is disguised as a log-in credential recovery page for MetaMask - a genuine cryptocurrency wallet designed to interact with the Ethereum blockchain. This scheme operates as a phishing scam. In other words, it aims to trick users
Skip Ads is a rogue browser extension. Based on its name, it is evidently promoted as an adblock-type software. However, following its installation onto our test machine, Skip Ads began running intrusive advertisement campaigns. Therefore, this piece of software is categorized as adware. W
ProjectSource is the name of an adware-type and browser-hijacking app that we have discovered while auditing various shady websites. After analyzing ProjectSource, we learned that the purpose of this app is to generate annoying advertisements and promote a fake search engine. After insta
We have found a new ransomware variant called Problem while inspecting ransomware samples submitted to VirusTotal. During analysis, we discovered that Problem encrypts files, appends the ".problem" extension to filenames, and creates the "readme.txt" file (a ransom note). An example of how this r
Universal-current[.]com is a shady website that displays deceptive content and asks for permission to show notifications. We have discovered it while testing pages that are using questionable advertising networks. More precisely, we ended up on universal-current[.]com after visiting various illega
During a routine inspection into new submissions on VirusTotal, our researchers detected a new addition to the ZEPPELIN ransomware family - called KUKANOS. When we tested this malware, it encrypted files and appended their filename with this extension - ".@KUKANOSSOSANOS.[victim's_ID]" (the IDs a
Our team has analyzed the InitiatorIntegrate application and discovered that it generates advertisements and hijacks a web browser to promote a fake search engine. Knowing this, we can state that InitiatorIntegrate functions as adware and a browser-hijacking application. Wile analyzing a
"Sync Wallets" is a phishing scam, which our researchers found when inspecting shady websites. Schemes of this type can be promoted on many rogue pages simultaneously; we found it on fixedvalidity[.]online website, but it may be encountered on others as well. "Sync Wallets" is presented as a dApp
We have found the installer for the color darker application on multiple deceptive websites. While analyzing the color darker application, we learned that it hijacks a web browser by changing some of its settings to wwmnnl.com (a fake search engine). At the time of the research, we discove
We discovered facebookteens[.]com whilst researching other questionable websites. The page in question is designed to load dubious content, promote browser notification spam, and redirect visitors to various unreliable/dangerous sites. Most visits to facebookteens[.]com are unintentional as they a