Bull Checker is a malicious browser extension that operates as a cryptocurrency stealer. It modifies digital asset transactions to reroute them into wallets in the cyber criminals' possession. At the time of research, Bull Checker targeted Solana cryptocurrency (SOL). Upon installation, th
Cheana is an information stealer targeting three operating systems: Windows, Linux, and macOS. Cybercriminals behind Cheana utilize a deceptive website to distribute the malware. It is known that the attackers have previously offered seemingly legitimate VPN services but later started distributing
After investigating the "Compromise Of Your Digital Identity" email, we determined that it is malspam. This spam message claims that the recipient's digital identity might have been compromised. The personal information affected is detailed in the attachment document. Instead of containing any su
We have examined trksecurescanf[.]com and learned that the purpose of this deceptive page is to lure visitors into taking certain actions. Like most web pages of this type, trksecurescanf[.]com asks permission to send notifications. If encountered, trksecurescanf[.]com (or any similar site) should
During our examination of toptosearch.com, we noticed that it does not generate search results. Thus, we classified toptosearch.com as a fake search engine. We also found that toptosearch.com is promoted through an extension that functions as a browser hijacker. Users should avoid using toptosearc
During our inspection of IcuApp, we noticed that this application has no clear purpose. Moreover, it is hosted on a shady web page and distributed with other dubious programs. Therefore, users should avoid installing IcuApp (and the associated apps) to avoid potential security and privacy risks.
While inspecting subsboost[.]online, we discovered that it displays misleading content to trick visitors into permitting it to send notifications. It is uncommon for sites like subsboost[.]online to be visited intentionally. Users should not allow such pages to show notifications and visit them.
Trustedsear.ch is the address of a fake search engine. Websites within this category cannot generate search results and redirect to genuine Internet search sites. They also tend to gather information about their visitors. Typically, fake search engines are promoted by browser hijackers. We discov
Search-secured.com is a fake search engine. Sites of this kind cannot provide search results and redirect to legitimate search engines. They are also known to collect visitor data. Fraudulent search engines are usually promoted (via redirects) by browser hijackers. We discovered search-secured.co
NewEngine is a rogue browser extension discovered by our research team when analyzing the installation setup for NeverSleep PUA. Upon examination, we determined that NewEngine is a browser hijacker. It modifies browsers to promote (via redirects) the search-secured.com fake search engine.