"Chorus Union" is the name of a malicious spam campaign designed to distribute Dridex banking malware. The scam emails sent through this spam campaign are disguised as impending invoices from "Chorus Union". These messages are intended to trick recipients into clicking the link presented within th
As its name suggests, Smart Searching Tab is an app designed to improve the browsing experience, however, it is actually designed to promote hsmartsearching.net (the address of a fake search engine) and collect browsing data. I.e., Smart Searching Tab is a browser hijacker designed to promote a fa
StockCommon is an adware-type application, which serves various advertisements via the user interface. Additionally, it is designed to promote the Safe Finder website through another dubious web address (akamaihd.net). Commonly, apps of this type not only serve ads but also collect information r
HimeraLoader is a malicious program used by cyber criminals who seek to infect computers with other programs of this kind (e.g., ransomware, remote access Trojans). Research shows that it was available for purchase on hacker forums at a cost of 700 rubles. Typically, cyber criminals attempt to in
Sharing many similarities with behavingsoping.club, superinterestinginfo.info, redbearmobilecuisine.com and thousands of others, thenickelpress[.]com is a rogue website. Visitors to this site are presented with dubious content and/or are redirected to other untrusted or malicious web pages. Most
SkilledEntry is a rogue application classified as adware. It runs intrusive advertisement campaigns, delivering various unwanted and harmful ads. Additionally, SkilledEntry shares traits with browser hijackers, such as browser settings modification to promote rogue search engines. This applicat
"System Warning Alert" is a technical support scam claiming that users' devices have been infected with spyware and other viruses. This scheme urges people to immediately contact 'tech support' by calling a supposedly toll-free telephone number. Note that no web page can detect threats or issues p
Discovered by MalwareHunterTeam, Dodged ransomware encrypts victims' files, changes filenames, disables Task Manager and displays a pop-up window containing the ransom message. Dodged renames encrypted files by appending the ".dodged" extension to filenames. For example, it renames "1.jpg" to "1.j
ProgressStart is a rogue application classified as adware. It delivers intrusive ad campaigns. Additionally, ProgressStart possesses browser hijacker traits such as browser modification and fake search engine promotion. This app promotes Safe Finder through the akamaihd.net website. Since most
Easy Forms is a rogue application categorized as a browser hijacker. This app is advertised as a quick access tool to various popular forms. In fact, it operates by altering browser settings to promote heasyforms.com (a fake search engine). Furthermore, this browser hijacker monitors users' browsi