During our analysis of gapconnectionbridge.co[.]in, we discovered that it uses clickbait to obtain permission to send notifications. Once permitted, gapconnectionbridge.co[.]in can show deceptive notifications to trick users into opening untrustworthy websites. Therefore, gapconnectionbridge.co[.]
Our team has examined topgreenview.com and found that it is a fake search engine promoted through an extension (Top Green Search) designed to hijack web browsers. This extension changes the settings of a web browser to promote topgreenview.com. topgreenview.com is a fake search engine because it d
During our examination of QuickSeek, we learned that this extension operates as a browser hijacker. It hijacks a web browser to promote guardflares.com. Additionally, QuickSeek enables the "Managed by your organization" setting. Users are advised not to trust QuickSeek and remove it if it is alrea
Our team discovered YE1337 ransomware during an inspection of samples uploaded to VirusTotal. Once executed, YE1337 encrypts files and appends its extension (".YE1337"). It also drops a ransom note ("YE1337_read_me.txt") and changes the victim's desktop wallpaper. An example of how files encrypte
FireScam is malware targeting Android devices. Threat actors spread the malware through a fake Telegram Premium app on a phishing site. FireScam infects devices with a dropper APK. The malware avoids detection and steals data by using popular services like Firebase. It should be eliminated from in
Our discovery of Contacto occurred while inspecting malware samples submitted to VirusTotal. During examination, we found that Contacto is ransomware designed to encrypt and rename files, create a ransom note ("Contacto_Help.txt"), and change the desktop wallpaper. Contacto appends the ".Contacto"
We have inspected search-great.com and discovered that it is a fake search engine promoted by unwanted extensions that function as browser hijackers. One of the browser hijackers promoting search-great.com is My Horoscope Pro. Users should not trust search-great.com or the extensions promoting it.
We have inspected the email and concluded that it is a phishing email disguised as a notification regarding a successfully adjusted chargeback. It includes a link to a deceptive web page where recipients are instructed to enter personal information. Such emails should be ignored to avoid potential
During our analysis of Weisx App, we found that it has unclear functionality and no apparent purpose. Moreover, the app is distributed using questionable tactics and likely bundled with unwanted software. For these reasons, we consider Weisx App to be an unwanted application. Users should avoid in
Our examination of octagonfind.com has revealed that it is a fake search engine promoted through a dubious extension (Octagon Find) that functions as a browser hijacker. Fake search engines can expose users to a variety of online threats. Therefore, users should never use them and eliminate extens