Trustedsear.ch is the address of a fake search engine. Websites within this category cannot generate search results and redirect to genuine Internet search sites. They also tend to gather information about their visitors. Typically, fake search engines are promoted by browser hijackers. We discov
Search-secured.com is a fake search engine. Sites of this kind cannot provide search results and redirect to legitimate search engines. They are also known to collect visitor data. Fraudulent search engines are usually promoted (via redirects) by browser hijackers. We discovered search-secured.co
NewEngine is a rogue browser extension discovered by our research team when analyzing the installation setup for NeverSleep PUA. Upon examination, we determined that NewEngine is a browser hijacker. It modifies browsers to promote (via redirects) the search-secured.com fake search engine.
While browsing deceptive websites, our research team discovered a page endorsing the NeverSleep app. It is presented as a tool for preventing computers from entering sleep mode. Upon inspection, we determined that NeverSleep is a PUA (Potentially Unwanted Application). Software within this classi
Our research team discovered the "Verify You Are A Human" scam while investigating untrustworthy sites. It is essentially fake CAPTCHA authentication. This scheme is part of the ClickFix campaign and lures users into downloading/installing the Lumma stealer. However, this scam and others that use
Spy.Banker is a piece of malicious software that targets Android and iOS devices. It is capable of creating app imitations through PWAs (Progressive Web Applications) or WebAPKs; the latter is an Android-only feature wherein Google Chrome automatically generates an APK (referred to as WebAPK). At
We have inspected this scam and found that its purpose is to trick users into believing that their antivirus protection has expired. Typically, scammers use such scams to extract money or personal information from unsuspecting individuals. Thus, it is highly recommended not to interact with websit
Cthulhu is an information stealer written in the the Go programming language and designed to appear as a legitimate application. Its primary purpose is to extract credentials and cryptocurrency wallets from various stores and game accounts. The stealer seems to be available for rent to individua
Hunforandiogs[.]com is a rogue page that promotes browser notification spam and redirects visitors to other (likely unreliable/dangerous) websites. Webpages like hunforandiogs[.]com are most often accessed via redirects caused by sites utilizing rogue advertising networks. Our research team disco
After inspecting the "IMAP/POP3 TIME-OUT" email, we determined that it is spam. The message falsely claims that the recipient's email service has been temporarily restricted due to an error. This lure is used to deceive recipients into disclosing their email account log-in credentials to a phishin