Exploreahoy.com is the address of a fraudulent search engine. Websites of this kind typically cannot provide search results, so they redirect to genuine Internet search engines. These fake sites are commonly promoted by browser hijackers. It is noteworthy that users who experience redirects to ex
Our researchers discovered the DrawPad Graphic Design PUA (Potentially Unwanted Application) in an installer promoted by a deceptive webpage, which we found while investigating a Torrenting website that uses rogue advertising networks. Unwanted apps typically have harmful capabilities. Additional
After inspecting "$PARAM Claim Live", as promoted on signin-param[.]net, we determined that it is a scam. It impersonates the Param platform (paramgaming.com). The scheme lures users into exposing their digital wallets to a cryptocurrency wallet through a fake event in which $PARAM tokens can be c
We have tested the SeekFast browser extension and found that it hijacks a web browser by modifying its settings. Upon adding SeekFast, the extension sets certain settings to findflarex.com. Additionally, SeekFast may gather various data. It is recommended to avoid adding SeekFast to browsers.
Our researchers discovered Chaddad ransomware during a routine inspection of new submissions to the VirusTotal platform. After acquiring a sample of Chaddad, we launched it on our testing system. This ransomware encrypted files on the test machine and altered their filenames. Original titles were
Lexus ransomware is a malware designed to encrypt files. We discovered it while inspecting malware samples submitted to VirusTotal. In addition to encrypting files, Lexus renames files and generates two ransom notes ("info.txt" and "info.hta"). We also found that Lexus belongs to the Phobos ransom
While browsing dubious websites, our researchers discovered reqdpro[.]club. It is a rogue page that promotes browser notification spam and redirects users to other (likely untrustworthy/hazardous) sites. Webpages like reqdpro[.]club are most commonly accessed through redirects caused by websites u
After inspecting the "Subscribed Domain Used For Spamming Purposes" email, we determined that it is spam. It makes false claims regarding the misuse of an email account associated with the recipient's domain. This phishing mail aims to deceive victims into disclosing their log-in credentials.
Our researchers discovered the us-av-protection[.]com rogue page while investigating dubious websites. After examining it, we determined that us-av-protection[.]com promotes scams and browser notification spam. It can also generate redirects to other (likely unreliable/dangerous) sites. Us-av-pro
While browsing suspicious websites, our research team discovered the tapaness[.]com rogue page. Upon analysis, we determined that tapaness[.]com endorses browser notification spam and generates redirects to other (likely dubious/malicious) sites. Most visitors to tapaness[.]com and webpages akin