While investigating a rogue installation setup, our research team discovered a PUA (Potentially Unwanted Application) named "Kiicvoq Apps". This piece of software acts as a dropper for the Legion Loader malware. It also installs the fake "Save to Google Drive" browser extension. It is noteworthy t
After inspecting FlexibleRemote, we found that it exhibits characteristics of adware—the app is designed to display intrusive advertisements. Additionally, multiple security vendors have flagged it as malicious. As a result, it is strongly recommended to uninstall FlexibleRemote if it is already
We have inspected RecordPlatform and discovered that it has qualities of adware. The app is designed to display intrusive advertisements. Also, multiple security vendors flag RecordPlatform as malicious. Therefore, it is highly advisable to uninstall RecordPlatform if it is already present.
Our researchers discovered the TrustedSafeFinder adware while browsing new submissions to the VirusTotal website. This advertising-supported software is part of the AdLoad malware family. Adware is designed to generate revenue for its developers through advertising. Adware usually operat
Our research team found heriqo[.]info while inspecting suspicious websites. This rogue page endorses browser notification spam and redirects users to different (likely untrustworthy/harmful) sites. Most visitors access heriqo[.]info and analogous pages via redirects caused by websites that utiliz
While checking out suspicious websites, our research team found the ggprotocol[.]xyz rogue page. It promotes browser notification spam and generates redirects to different (likely unreliable/dangerous) sites. Most users enter ggprotocol[.]xyz and analogous webpages through redirects caused by webs
During a routine investigation of suspect websites, our research team found the ikqoqe[.]click rogue page. After examining it, we determined that this webpage promotes browser notification spam and redirects users to different (likely dubious/malicious) sites. Pages like ikqoqe[.]click are most c
While browsing suspicious websites, our research team discovered the dollarssource[.]com rogue webpage. Upon examination, we learned that this page endorses spam browser notifications and redirects users to different (likely unreliable/hazardous) sites. The majority of visitors to dollarssource[.
We have examined gwrldtpnws3[.]xyz and found it to be a deceptive website. It uses misleading content to convince visitors to accept notifications. Once permission is granted, the site bombards users with fake alerts, warnings, and other fraudulent messages. Thus, users should avoid visiting gwrld
While investigating questionable websites, our research team found the yopisara[.]sbs rogue page. It operates by promoting browser notification spam and redirects users to other (likely dubious/dangerous) websites. Yopisara[.]sbs and webpages akin to it are most commonly accessed via redirects ca