Our research team discovered KUZA ransomware while investigating file submissions to the VirusTotal website. This malicious program is a variant of the Proton ransomware. On our testing machine, KUZA encrypted files and altered their filenames. Original titles were appended with the attackers' em
We have examined both websites (claim-mesonnetwork[.]app and allocation.hub-mesonnetwork[.]com) promoting a Meson ($MSN) airdrop and discovered that they promote a fake giveaway. The scammers behind this campaign aim to trick visitors into believing that they are on the legitimate Meson platform (
Our examination of ademinetworkc[.]com revealed that it is an unreliable page designed to trick visitors into agreeing to receive its notifications on their devices. Typically, users unintentionally land on sites like ademinetworkc[.]com. In addition to displaying deceptive content, sites like ade
We have analyzed the Pianoic browser extension and found that its main purpose is to promote a fake search engine- rsrc2u.com. Pianoic achieves it by hijacking a web browser. Typically, browser hijackers take control over browsers by changing their settings. It is advisable to remove apps like Pia
We have tested the BitIndexer app and found that its functionality includes displaying annoying advertisements to users. Software of this type is known as adware. It is common for software of this type to be promoted without mentioning that it will display unwanted ads. Users should avoid apps l
Our research team discovered livemarinis[.]net while reviewing unreliable websites. After inspecting this page, we learned that it promotes browser notification spam and generates redirects to different (likely dubious/malicious) sites. Most visitors to livemarinis[.]net and similar webpages ente
While investigating suspicious sites, our researchers discovered the Held Error browser extension. It is endorsed as a tool that provides alternatives when users attempt to access a website that is down. Held Error generates redirects to the errorurl.net fake search engine and uses the aforementio
Bounce off the Wall is a rogue browser extension. After investigating this piece of software, we determined that it is a browser hijacker. Bounce off the Wall modifies browser settings to promote (via redirects) the newgensearch.com fake search engine. Browser-hijacking software makes chan
We have inspected the Wise Search browser extension and found that it hijacks browsers to promote a fake search engine. In order to achieve this, Wise Search changes the settings of a web browser. Thus, users of hijacked browsers are forced to visit a specific address (use the promoted fake search
While browsing suspicious websites, our researchers discovered the henidspost[.]com rogue page. After investigating it, we determined that this webpage endorses browser notification spam and redirects users to other (likely untrustworthy/malicious) sites. Most users enter pages like henidspost[.]c