While inspecting a Torrenting site that employs rogue advertising networks, our researchers were redirected to a deceptive page promoting an installer containing the JoisApp PUA (Potentially Unwanted Application). These apps typically possess undesirable and possibly harmful functionalities. They
Search-browser.com is the address of a fake search engine, which cannot provide search results and produces rogue redirects. Typically, these supposed search engines collect visitor data. Sites like search-browser.com are promoted (via redirects) by browser hijackers. Browser-hijacking sof
Trinity is the name of a ransomware-type program. It operates by encrypting files and demanding payment for the decryption. After we executed a sample of Trinity on our testing machine, it encrypted files and altered their names. Original filenames were appended with a ".trinitylock" extension, e
We found that toppholasnow[.]com is an untrustworthy website that uses clickbait, a misleading tactic, to lure visitors into permitting it to send notifications. There are plenty of web pages like toppholasnow[.]com. Another common trait is that users do not open them on purpose. Such pages should
After reading the "AT&T" email, we determined that it is spam promoting a refund scam. It is presented as a confirmation of a service transfer to a different provider. This mail lures recipients into communicating with scammers by claiming that the impending charge for the transfer can be can
Our examination of SourceUpdater has revealed that this application operates as adware. It is designed to inundate users with intrusive advertisements. Additionally, SourceUpdater may possess the capability to access and collect diverse data. It is recommended to avoid installing applications li
Our analysis of DefaultSection has uncovered that this app functions as adware. The purpose of DefaultSection is to deliver annoying advertisements to users. Also, the app might be capable of accessing and gathering various data. Users are advised to uninstall apps like DefaultSection from compu
Our research team found topewesusa[.]com while browsing dubious sites. Upon investigation, we learned that it is a rogue webpage promoting browser notification spam and generating redirects to different (likely unreliable or hazardous) websites. Topewesusa[.]com and similar pages are primarily ac
Topauthe[.]com is a rogue webpage discovered by our researchers during a routine investigation of untrustworthy sites. After investigating this page, we learned that it promotes browser notification spam and redirects users to other (likely dubious/malicious) websites. Most visitors access pages l
Run is ransomware belonging to the MedusaLocker family. We discovered it during our analysis of samples uploaded to the VirusTotal page. Run encrypts files and appends its extension to filenames. It also provides a ransom note in a file named "How_to_back_files.html". An example of how Run modifi