"Safety Warning" is a multi-variant scam that warns users of various fake threats present on their devices. Often, the purported source is a visit(s) to a compromised/malicious site(s). The schemes hide under the names of legitimate software/services, which are then supposedly used to perform syst
During our analysis of search-globe.com, we found that while the site seems to be a search engine, it fails to produce any results. For this reason, we have classified search-globe.com as a fake search engine. It is important to note that websites like this are often distributed via extensions tha
Newstargetingads[.]top is a rogue webpage discovered by our researchers during a routine inspection of suspicious sites. After examining this page, we determined that it promotes browser notification spam and produces redirects to different (likely dubious/dangerous) websites. The majority of vis
Mania Crypter is ransomware based on LockBit Black. It encrypts and modifies files (appends a random extension), changes the desktop wallpaper, and provides a ransom note ("[random_string].README.txt"). Here is an example of how encrypted files are renamed: "1.jpg" is changed to "1.jpg.utZMwPnzM",
We have inspected networkcontrol.co[.]in and discovered that it is designed to deceive visitors into allowing it to show notifications. This page uses clickbait to obtain this permission. Users should avoid agreeing to receive notifications from sites like networkcontrol.co[.]in, as they are often
After inspecting this "Classified Documents" email, we learned that it is spam. The message claims that two confidential documents were shared with the recipient. It must be stressed that this fake message is not associated with any official parties. The purpose of this spam mail is to trick user
Our analysis of the Kowi SApp indicates that it is flagged as malicious by security vendors. We also found that the app lacks any legitimate functions. Moreover, it serves as a channel for delivering Legion Loader, malware that can deliver dangerous payloads. For these reasons, users should avoid
While browsing new submissions to the VirusTotal website, our research team discovered innok – a ransomware identical to BlackPanther. Malware within this category is designed to encrypt data or demand payment for the decryption. On our testing machine, innok encrypted files and appended their na
We have examined cash-searcher[.]com and concluded that it is a deceptive website that wants to show notifications. If allowed, it may deliver misleading notifications (e.g., fake warnings) that could expose users to various online threats. Thus, cash-searcher[.]com should not be visited and never
During our analysis, we found that advancedsearches.net is a fake search engine promoted through a browser extension (Advanced Search) that operates as a browser hijacker. This extension hijacks a browser by changing its settings. It is advisable to avoid using fake search engines and suspicious e