We have examined F*ckFBI (malware that our team encountered while inspecting samples uploaded to VirusTotal) and discovered that it is ransomware that encrypts files and provides a ransom note containing payment and contact information. Also, the ransomware renames files by appending its extension
Our analysis shows that trustedspotsearch.com is a fake search engine. It does not generate search results and is promoted through an unwanted extension, a browser hijacker called Trusted Spot. It is advisable not to use fake search engines and browser hijackers to avoid privacy and security risks
During a routine inspection of suspicious websites, our research team discovered cosollic[.]com. This rogue page promotes browser notification spam and generates redirects to different (likely dubious/harmful) sites. Cosollic[.]com and similar webpages are most commonly accessed through redirects
Trustedfiltersearch.com is a fake search engine that we discovered during our analysis of the Trusted Filter browser hijacker. This piece of software is advertised as a search tool that provides advanced filters for finding videos online. This browser hijacker modifies browsers to promote (via re
ChickenKiller is a ransomware-type program. Malware within this classification is designed to encrypt data and demand a ransom for its decryption. On our test machine, ChickenKiller encrypted files and appended their filenames with a ".locked" extension. To elaborate, a file initially titled "1.j
Glatcantosm.co[.]in is a rogue webpage designed to promote browser notification spam. It can also redirect visitors to different (likely unreliable or malicious) sites. The majority of visitors to such pages access them via redirects produced by websites utilizing rogue advertising networks. Our
Our research team discovered the olyjuk.co[.]in rogue page while inspecting untrustworthy websites. After examining it, we determined that this webpage promotes browser notification spam and generates redirects to different (likely unreliable/harmful) sites. Olyjuk.co[.]in and similar pages are pr
We have checked dsfirewall.co[.]in and concluded that it uses clickbait, a deceptive method, to deceive visitors into allowing it to show notifications. If visitors follow the steps presented on dsfirewall.co[.]in, they end up receiving fake warnings and similar notifications from the site.
PhantomStealer is an information stealer delivered through a malware loader known as JSGuLdr. Once infiltrated, PhantomStealer can harvest various sensitive information from infected devices. These attacks can lead to identity theft, financial loss, and other issues. If PhantomStealer is detected
Vionnero.co[.]in is a deceptive website that tricks users into allowing notifications. Our analysis reveals that it employs clickbait tactics to mislead visitors. Once permission is granted, the site can flood users with bogus warnings and other unwanted, annoying notifications containing links to