While testing SearchPlus, we noticed that this extension has traits of a browser hijacker. Upon adding SearchPlus to a browser, the extension changes certain settings to promote a fake search engine. Users should avoid SearchPlus and similar extensions. If SearchPlus is already added, it should be
Our research team discovered the FastFind browser extension while investigating a rogue installer. This software modifies browser settings and produces redirects. Due to this behavior, FastFind is classed as a browser hijacker. FastFind assigns the webpage it promotes as the browser's defa
While examining thissrmadsme[.]org, we noticed that it uses clickbait to receive permission to send notifications. Deceptive websites like thissrmadsme[.]org (and their notifications) can expose users to various risks. Thu, thissrmadsme[.]org should be avoided and not allowed to send notifications
Our analysis of the page (basedawgz-claims.pages[.]dev) has shown that it is a scam website. The scammers behind this site aim to trick individuals into believing they are on a legitimate crypto platform. Their goal is to steal cryptocurrency. Thus, basedawgz-claims.pages[.]dev should not be trust
After reading the "Is Visiting A More Convenient Way To Reach" email, we determined that it is spam. This mail promotes a sextortion scam. The email claims that the sender has infected the recipient's smartphone and was monitoring them. In addition to obtaining sensitive data, the sender supposed
Cicada 3301 is a ransomware that emerged in the summer of 2024. It is offered as Ransomware-as-a-Service (RaaS) – a cyber-crime business model wherein access to ransomware and associated infrastructure is provided to paying affiliates. Cicada 3301 is written in the Rust programming language. Ranso
While reviewing malware submitted to the VirusTotal platform, our researchers found the C*nt ransomware (the asterisk stands for the letter "u"; thus, the name of this program will be censored throughout this article). The malware encrypts data and demands ransoms for its decryption. C*nt is part
Luxy is ransomware that encrypts and renames files, and creates a ransom note "[random_string].README.txt" on successfully attacked computers. This ransomware is distributed alongside a stealer module that extracts sensitive information before Luxy encrypts files. Luxy appends the ".luxy" extensi
Topvocedclub[.]top is a rogue page that we discovered during a routine inspection of suspicious websites. The webpage endorses spam browser notifications and redirects users to other (likely unreliable/harmful) sites. The majority of visitors to pages like topvocedclub[.]top access them through r
While inspecting ladsstudio[.]com, we learned that this site uses clickbait to lure visitors into accepting its notifications. Therefore, users should avoid visiting ladsstudio[.]com and not allow it to send notifications. Interacting with notifications from deceptive pages can lead to more harmfu