We have discovered the Movieztab Default Search browser extension while examining questionable websites. After adding this app, we have noticed that it changed some of the settings to movieztab.com - a fake search engine. This led us to the conclusion that Movieztab Default Search is a browser hij
Film Links Now | Digital Content Online is a browser extension endorsed as a tool for easy access to movies and film-related content. After analyzing it, our researchers determined that this extension is a browser hijacker promoting the filmlinksnow.com fake search engine. After being inst
During a routine inspection of rogue websites, our research team discovered gr4phic-4rt[.]xyz - a page designed to host deceptive content, push browser notification spam, and redirect visitors to other untrustworthy/malicious sites. Most users enter webpages of this kind via redirects caused by si
Our malware researchers have discovered the Cantopen ransomware while checking the samples submitted to VirusTotal. After analyzing this ransomware, we have learned that it appends the ".cantopen" extension to filenames of all encrypted files and creates the "HELP_DECRYPT_YOUR_FILES.txt" text file
News-heceye[.]cc is a rogue website our researchers discovered while inspecting untrustworthy pages. This webpage is designed to load questionable material, promote browser notification spam, and redirect visitors to other unreliable/malicious sites. Most visitors to news-heceye[.]cc and similar
We have discovered the system-dating[.]top site after receiving a shady email. Our team has examined system-dating[.]top and found that it is designed to trick visitors into agreeing to receive notifications. Additionally, it can open adult pages and other potentially malicious sites. Syst
Discovered during a routine inspection of VirusTotal submissions, Tor is a ransomware-type program. Our researchers have determined that it belongs to the Paradise malware family. Once launched on our test system, Tor began encrypting files and appending their filenames with a "_decryptor_{victim
We have examined this email and found that it is disguised as a letter from an unspecified bank regarding changes in bank account information. It also has a malicious archive file attached to it. After examining the attachment, we learned that it is used to trick recipients into executing NanoCore
LauncherRecord is yet another adware-type application belonging to the AdLoad malware family, which our researchers discovered while inspecting new submissions to VirusTotal. This app is designed to run intrusive advertisement campaigns, and it may have other harmful abilities. Following
Safetyfirst[.]cfd is a deceptive website designed to trick visitors into believing that their computers are at risk/infected with viruses and agreeing to receive notifications. We discovered safetyfirst[.]cfd while examining pages (such as torrent sites and illegal movie streaming sites) that use