We have examined the site (enlist-aerodrome[.]app) and discovered that it is a copy of the original Aerodrome Finance site (aerodrome[.]finance). This fake website is created to steal cryptocurrency from users. It uses an offer to participate in a crypto giveaway as a lure. Users should not trust
Our research team discovered SharedQuantity while reviewing new submissions to the VirusTotal website. Upon examination, we determined that this application is adware belonging to the AdLoad malware family. SharedQuantity operates by running intrusive advert campaigns. Adware stands for
Our findings from testing the ServiceConfig app indicate that it functions as adware. Upon installation, ServiceConfig bombards users with intrusive advertisements and may harvest browsing-related and other data. Thus, ServiceConfig should be uninstalled from affected computers. ServiceC
We have inspected webseatzelive[.]com and discovered that the purpose of this site is to trick unsuspecting visitors into allowing it to show notifications. The page employs a clickbait technique to receive this permission. Users should avoid visiting webseatzelive[.]com and similar web pages.
During our examination of malware samples uploaded to VirusTotal, we discovered a ransomware variant known as SRC. We found that this ransomware variant belongs to the Makop family. Upon infiltration, SRC encrypts files, appends the victim's ID, restoreBackup@cock.li email address, and the ".SRC"
Color-picker-tab.com is the address of a fake search engine. We found this site while investigating a browser extension named – color-picker-tab. This extension makes changes to browser settings to promote (via redirects) the color-picker-tab.com webpage. This behavior categorizes color-picker-tab
While inspecting the Random Year Fact browser extension, we discovered the random-year-facts.com fake search engine. This extension supposedly provides random facts for a specific year. However, Random Year Fact makes alterations to browser settings in order to generate redirects that land on the
Chuck-norris-tab.com is the address of a fake search engine that we discovered while investigating a browser hijacker called – Chuck Norris Tab. This rogue software is endorsed as an extension providing Chuck Norris "facts". However, Chuck Norris Tab modifies browsers to promote (through redirects
While investigating a Torrenting website that uses rogue advertising networks, we found a deceptive page promoting an installer containing the CyberSound AudioDirector PUA (Potentially Unwanted Application). Apps within this classification typically have harmful capabilities. Furthermore, this in
Our inspection of psormonsh[.]com has uncovered that this is a deceptive website designed to lure users into agreeing to receive its notifications. To achieve this, psormonsh[.]com uses a clickbait technique. Additionally, psormonsh[.]com may redirect visitors to other sites of this kind. Thus, us