While investigating a browser hijacker called One Browser Search, our researchers found the universalwebsearch.com fake search engine. However, it could be promoted by other browser-hijacking software. Universalwebsearch.com cannot generate search results and redirects to legitimate Internet sear
During our inspection, we discovered that the AZELIT Math Plugin lacks clear functionalities and is bundled with various suspicious applications. As a result, we have classified the AZELIT Math Plugin as an unwanted application. Users are advised to avoid installing software like the AZELIT Math P
During our examination of loopdeviceconnection.co[.]in, we discovered that it is a fraudulent website designed to display deceptive content. The purpose of loopdeviceconnection.co[.]in is to receive permission from visitors to send notifications. Therefore, loopdeviceconnection.co[.]in should be a
One Browser Search is a rogue browser extension. This software alters browser settings to endorse (through redirects) the universalwebsearch.com fake search engine. Due to this behavior, One Browser Search is considered to be a browser hijacker. One Browser Search assigns universalwebsearc
BeaverTail is an information stealer targeting macOS users. Cybercriminals distribute it via a fake website hosting an application mimicking a legitimate service. In addition to stealing information, BeaverTail downloads additional malware that operates as a backdoor. Thus, BeaverTail should be
Noodle (also known as Nood, ANGRYREBEL) is a RAT (Remote Access Trojan) with backdoor abilities. RATs enable remote access/control over infected machines. Backdoor malware is typically used in the initial infection process as a system prep tool or a program for infiltrating additional malicious so
NullBulge is ransomware based on LockBit. Cybercriminals behind NullBulge have been observed targeting AI and gaming entities. In addition to encrypting files, NullBulge appends a random extension to filenames, changes the desktop wallpaper, and creates a ransom note ("[extension].README.txt"). A
ExploreBuffer is a rogue application classed as adware. Our researchers discovered it while browsing new file submissions to the VirusTotal platform. This app is part of the AdLoad malware family. ExploreBuffer is designed to generate revenue for its developers through advertising. Adwar
Labour is ransomware that our team has discovered during an examination of malware samples uploaded to the VirusTotal platform. Labour encrypts files and appends the ".labour" extension to filenames (e.g., it renames "1.jpg" to "1.jpg.labour", "2.png" to "2.png.labour", and so forth). It also prov
While inspecting iodides[.]org, we found it to be a deceptive web page. Once on iodides[.]org, visitors are presented with misleading content. The creators of iodides[.]org aim to trick visitors into agreeing to receive notifications from their page. Iodides[.]org and similar websites should be av