While investigating a Torrenting website that uses rogue advertising networks, we found a deceptive page promoting an installer containing the CyberSound AudioDirector PUA (Potentially Unwanted Application). Apps within this classification typically have harmful capabilities. Furthermore, this in
Our inspection of psormonsh[.]com has uncovered that this is a deceptive website designed to lure users into agreeing to receive its notifications. To achieve this, psormonsh[.]com uses a clickbait technique. Additionally, psormonsh[.]com may redirect visitors to other sites of this kind. Thus, us
Gym-newtab.com is a fake search engine that we found while inspecting the Gym New Tab browser hijacker. It modifies browser settings to generate redirects to the gym-newtab.com site. We discovered this rogue browser extension promoted on a deceptive webpage. However, Gym New Tab might infiltrate
EMBARGO is ransomware, a type of malware that encrypts files on the infected device. Also, it appends a random extension to filenames and creates a ransom note "HOW_TO_RECOVER_FILES.txt". An example of how EMBARGO modifies filenames: it renames "1.jpg" to "1.jpg.564ba1", "2.png" to "2.png.564ba1",
While investigating new file submissions to the VirusTotal platform, our researchers discovered the Anyv ransomware. Malicious software within this classification encrypts data and demands payment for its decryption. On our testing system, Anyv encrypted files and appended their filenames with a
We have tested search.media-tab.com and found that it is a fake search engine. This fake search engine is promoted via an extension called Vids Tab, which is a browser hijacker. The app promoting search.media-tab.com hijacks a browser by changing its settings. Affected users should remove the Vids
During our examination of the app, we noticed that it changed the settings of a browser to promote a fake search engine, searchfst.com. Thus, we classified Are you bored? extension as a browser hijacker. Users should not trust browser hijackers and fake search engines and are advised to remove the
We have inspected super-car-tab.com and learned that it is a fake search engine promoted through a browser extension called SuperCar New Tab. This extension promotes super-car-tab.com by changing the settings of a web browser (by hijacking a web browser). Thus, super-car-tab.com and SuperCar New T
During a routine investigation of dubious websites, our research team discovered the Calculator Tab browser extension. It supposedly provides a calculator widget for browsers. However, this extension operates as a browser hijacker. Calculator Tab alters browser settings to endorse (via redirects)
Sunny-days.co is the address of a fake search engine that we discovered while investigating the Sunny Days browser hijacker. This extension is endorsed as a tool for changing browser wallpapers and allowing easy access to weather reports. Sunny Days changes browser settings to promote (through re