While inspecting sites that use rogue advertising networks, our research team encountered a webpage promoting the "McAfee Total Protection has expired" scam. We have found two variants of this scheme, which claim that the visitor's McAfee anti-virus subscription has expired and urge them to renew
GeneralProjectSearch is a rogue application that our researchers found while inspecting deceptive websites promoting fake Adobe Flash Player updates. After testing this piece of software, we determined that it is an adware-type app belonging to the AdLoad malware family. It is noteworthy
WINKILLER is ransomware that was discovered by MalwareHunterTeam. It is known that it prevents victims from using their computers and displays a ransom note (a pop-up window) containing instructions on how to restore access to the operating system. Screenshot of a pop-up displayed by this rans
Our team has analyzed the BrowserLaptop application and learned that it generates advertisements. Knowing this, we can state that BrowserLaptop functions as typical adware. Another important detail about this adware is that we have discovered it while inspecting deceptive websites. Brows
During a routine inspection of shady webpages, our research team discovered the save-window[.]com site. It is designed to load deceptive content (scams), promote browser notification spam, and redirect visitors to other (likely unreliable or malicious) websites. Most users enter such pages via red
Weathersend[.]com is a shady website that asks for permission to show notifications. Typically, websites of this kind show untrustworthy notifications. Also, weathersend[.]com may redirect to various scam sites. Our team has discovered weathersend[.]com while examining illegal movie streaming site
Bozon is a piece of malicious software classified as ransomware, which our research team discovered while checking out new submissions to VirusTotal. Once a sample was executed on our test system, the ransomware began encrypting files and appending their filenames with a ".bozon" extension. For e
While inspecting dubious download pages, our research team discovered the Protected-Browsing browser extension. After analyzing this piece of software, we determined that it operates as a browser hijacker promoting the protected-browsing.xyz fraudulent search engine. With Protected-Browsin
Our researchers discovered infos-et-potins[.]com while inspecting dubious websites. This rogue page promotes spam browser notifications and redirects visitors to other (likely untrustworthy or malicious) websites. Most users enter infos-et-potins[.]com and similar webpages via redirects caused by
max dark is an application that is supposed to provide a dark mode for websites. We have discovered at least two deceptive websites promoting this app. After installing and testing max dark, we learned that it generates advertisements. Apps displaying unwanted ads are classified as adware.