News-gexico[.]com is a rogue webpage discovered by our research team during a routine investigation of suspect sites. This page is designed to promote browser notification spam and redirect users to other (likely untrustworthy/harmful) websites. Webpages like news-gexico[.]com are most commonly a
While testing SearchPlus, we noticed that this extension has traits of a browser hijacker. Upon adding SearchPlus to a browser, the extension changes certain settings to promote a fake search engine. Users should avoid SearchPlus and similar extensions. If SearchPlus is already added, it should be
Our research team discovered the FastFind browser extension while investigating a rogue installer. This software modifies browser settings and produces redirects. Due to this behavior, FastFind is classed as a browser hijacker. FastFind assigns the webpage it promotes as the browser's defa
While examining thissrmadsme[.]org, we noticed that it uses clickbait to receive permission to send notifications. Deceptive websites like thissrmadsme[.]org (and their notifications) can expose users to various risks. Thu, thissrmadsme[.]org should be avoided and not allowed to send notifications
Our analysis of the page (basedawgz-claims.pages[.]dev) has shown that it is a scam website. The scammers behind this site aim to trick individuals into believing they are on a legitimate crypto platform. Their goal is to steal cryptocurrency. Thus, basedawgz-claims.pages[.]dev should not be trust
After reading the "Is Visiting A More Convenient Way To Reach" email, we determined that it is spam. This mail promotes a sextortion scam. The email claims that the sender has infected the recipient's smartphone and was monitoring them. In addition to obtaining sensitive data, the sender supposed
Cicada 3301 is a ransomware that emerged in the summer of 2024. It is offered as Ransomware-as-a-Service (RaaS) – a cyber-crime business model wherein access to ransomware and associated infrastructure is provided to paying affiliates. Cicada 3301 is written in the Rust programming language. Ranso
While reviewing malware submitted to the VirusTotal platform, our researchers found the C*nt ransomware (the asterisk stands for the letter "u"; thus, the name of this program will be censored throughout this article). The malware encrypts data and demands ransoms for its decryption. C*nt is part
Luxy is ransomware that encrypts and renames files, and creates a ransom note "[random_string].README.txt" on successfully attacked computers. This ransomware is distributed alongside a stealer module that extracts sensitive information before Luxy encrypts files. Luxy appends the ".luxy" extensi
Topvocedclub[.]top is a rogue page that we discovered during a routine inspection of suspicious websites. The webpage endorses spam browser notifications and redirects users to other (likely unreliable/harmful) sites. The majority of visitors to pages like topvocedclub[.]top access them through r