CharacterVirtualSearch is adware and a browser hijacker that generates advertisements and promotes search.dominantmethod.com (a fake search engine) by changing the web browser's settings. This application is distributed through a fake installer imitating the installer for Adobe Flash Player.
The purpose of kap03ut-editi56on[.]xyz is to display deceptive content and get permission to show notifications. There are hundreds of pages like kap03ut-editi56on[.]xyz on the Internet, for example, allcoolnewz[.]com, sabs-push[.]xyz, windows-protector[.]com. Most of them are promoted through pag
Bruperchrophone[.]com displays a deceptive message (uses a clickbait technique) to trick visitors into agreeing to receive notifications. Usually, websites like bruperchrophone[.]com get opened through pages using rogue advertising networks. Users do not visit them on purpose. Bruperchroph
BLISTER is the name of malware that functions as a loader - malicious software that drops/executes another malware (injects its payload). It is known that threat actors behind BLISTER attacks use a valid code signing certificate to evade detection. BLISTER is being embedded in legitimate l
LIKEAHORSE is malware (ransomware) that encrypts files and appends the ".LIKEAHORSE" extension to their filenames. For example, it renames a file named "1.jpg" to "1.jpg.LIKEAHORSE", "image.png" to "image.png.LIKEAHORSE". LIKEAHORSE also creates the "#RECOVERY#.txt" text file containing a ransom n
Searchfox.xyz is a fake search engine promoted through a browser-hijacking application designed to modify the web browser's settings. Most users end up having their browsers hijacked unintentionally. Neither browser hijackers nor fake search engines are trustworthy. Depending on the user
Scammers behind this email attempt to trick users into believing that their McAfee subscription has expired and opening another deceptive page claiming that their computers are infected. Scammers could be using this email to trick recipients into paying for bogus subscriptions or services, install
Crypto_Support (also known as Crypto Support) is ransomware that encrypts files, appends the ".CRYPT" extension to filenames, and provides payment and contact information (ransom notes) in a pop-up window and the "README.txt" file. For example, Crypto_Support renames "1.jpg" to "1.jpg.CRYPT", "sam
EasyMacSoft is the name of an advertising-supported software designed to generate advertisements and promote a fake search engine by hijacking a web browser. EasyMacSoft is distributed using a fake installer disguised as the installer for Adobe Flash Player. EasyMacSoft can show advertis
It is an email disguised as a letter from Komerční banka, one of the largest banks in the Czech Republic. It contains a link to a phishing website designed to look like the official Komerční banka page. Scammers behind this email attempt to trick recipients into providing banking-related sensitive