Gobrowser.xyz is the address of a fake search engine. We discovered this website while analyzing browser hijackers, which promote (by causing redirects to) such search engines. Browser hijackers promote illegitimate search engines (e.g., gobrowser.xyz) by assigning them as the browsers'
CommonAnalyser is an adware-type application that our research team discovered while inspecting new submissions to VirusTotal. This piece of software operates by running intrusive advertisement campaigns. We also determined that it belongs to the AdLoad malware family. Advertising-suppor
"New Contract Documents Received" is a spam email that we inspected and classified as a phishing scam. This letter attempts to trick the recipient into disclosing their email account log-in credentials by claiming they have been sent documents concerning a new contract. The spam email with
Discovered by our research team while inspecting dubious software-endorsing webpages, Snowy Tab is a browser extension. It is advertised as a tool that allows users to change their browser background/wallpaper and use other handy features. Having analyzed Snowy Tab, we can conclude that it is a b
We have discovered the Daily Tab application/browser extension while examining pages that use questionable advertising networks and other suspicious pages. It was found that Daily Tab is a browser hijacker that changes the settings of the affected web browser to promote search.daily-stop.com (a fa
Spin Dark is a browser extension discovered by our research team while inspecting untrustworthy download webpages. This piece of software is advertised as a tool capable of enabling dark mode for simple design websites. After analyzing Spin Dark, we determined that it behaves like a browser hijac
Electron Bot is the name of the malware that has been discovered by Check Point Research. We have learned that Electron Bot is used to gain remote access to computers and execute various commands. It is distributed via various applications on the Microsoft Store (Electron Bot targets Windows devic
Vote2024 (also known as HermeticRansom and PartyTicket) is the name of a malicious program that was discovered during geopolitically-motivated malware attacks against Ukraine and its surrounding territories, which occurred during the onset of war in Ukraine. Vote2024 is a ransomware-type program.
We have discovered the CleanTextSize application while analyzing various cracked software download sites. After testing the app, we learned that it is adware - software that generates unwanted advertisements. Although, it is promoted as a tool allowing to change the text size on the Edge browser.
Rg116 is the name of typical ransomware - malware that encrypts files. Our team has discovered it while analyzing the malware samples submitted to VirusTotal. It was found that Rg116 also renames encrypted files by appending a string of random characters and the ".rg116" extension to filenames, an