Foodisgood.xyz is a fake search engine that we found while inspecting the FoodIsGood Default Search browser hijacker. This extension makes changes to browser settings in order to promote (via redirects) the foodisgood.xyz webpage. Browser-hijacking software modifies browser settings (e.g.,
We have examined this email and found that it is a scam commonly known as an advance-fee scam. Scammers behind such schemes usually aim to trick unsuspecting individuals into transferring money or providing sensitive information. Either way, scam emails should be ignored. This scam email c
While investigating questionable websites, our research team found multipleday[.]com. After examining this rogue page, we learned that it is designed to promote browser notification spam and redirect users to different (likely unreliable/harmful) sites. Most visitors access webpages like multipled
Our team has inspected webbearsearch.com and found that it is a fake search engine. This fake search engine is promoted via a browser hijacker, an extension known as Web Bear Search. It is highly recommended to avoid visiting/using search engines like webbearsearch.com, especially those promoted v
While reviewing new submissions to the VirusTotal website, our research team discovered the Anonymous Encryptor malicious program. After analyzing this malware, we determined that it is identical to two ransomware-type programs – GhosHacker and BlackSkull. Anonymous Encryptor ransomware encrypts
Our analysis of froommixoria[.]com has uncovered that it is a deceptive website designed to deceive unsuspecting visitors into agreeing to receive notifications from the site. Notifications from websites like froommixoria[.]com are not reliable. Therefore, such pages should not be permitted to sen
While investigating suspicious websites, our researchers discovered the doidacers[.]com rogue page. It operates by promoting browser notification spam and redirecting users to other (likely dubious/dangerous) sites. Webpages like doidacers[.]com are most often accessed through redirects generated
During our analysis of samples uploaded to the VirusTotal page, we discovered a ransomware variant belonging to the Djvu family known as Watz. This variant encrypts files and adds its extension (".watz") to filename. For instance, it changes "1.jpg" to "1.jpg.watz" and "2.png" to "2.png.watz". Als
We have analyzed undenentionin[.]com and found that this page is designed to trick visitors into permitting it to deliver notifications. Once this permission is granted, the website bombards users with various spam notifications, including deceptive ones. Users who have granted notification permis
CarnavalHeist is a banking Trojan targeting users in Brasil. It is capable of stealing banking credentials and performing other actions. Having a device infected with CarnavalHeist can result in financial loss, identity theft, and other issues. Thus, CarnavalHeist should be eliminated from comprom