While investigating dubious websites, our research team discovered the "AdClean (works on Youtube)" browser extension. Promoted as an ad-blocker (advertisement-blocking tool), this software operates as adware. In other words, instead of removing ads – this extension displays them. "AdClean (works
REDCryptoApp is a malicious program designed to encrypt data and demand ransoms for its decryption. Due to this behavior, it is classed as ransomware. After we launched a sample of this malware on our testing system, it encrypted files and added a ".REDCryptoApp" extension to their names. To elab
During our examination of the website, we discovered that check-tl-ver-12-7[.]top is one of many deceptive pages using clickbait tactics to obtain visitors' permission to send notifications. Additionally, check-tl-ver-12-7[.]top may redirect visitors to similar websites. Therefore, it is advisable
After inspecting the "Authentication Request" email, it became evident that it is spam. The mail warns recipients that unless they complete an authentication process, they can get logged out of their email account. The purpose of this email is to deceive users into providing their log-in credentia
During our inspection, we found that the purpose of omcaterpieom[.]com is to trick visitors into permitting it to show notifications. Omcaterpieom[.]com seeks to achieve this goal through the use of a clickbait technique. We also discovered that omcaterpieom[.]com redirects visitors to other untru
While inspecting new submissions to the VirusTotal platform, our researchers found Bande.app. Our analysis of this application revealed that it is adware from the Pirrit malware family. Bande.app is designed to deliver intrusive advertisement campaigns. Adware stands for advertising-supp
After analyzing this scam, we have found that it involves deceptive websites and a file crafted to generate misleading pop-ups (masquerading as warnings from legitimate software) on Windows. Users should exercise caution to avoid falling victim to these tactics, as they can lead to potential secur
After reviewing the Proboscidea application, we have concluded that it is a malicious extension distributed through unreliable pages. This extension has the capability to activate the "Managed by your organization" feature, access and manipulate various data, and control other extensions and theme
Dzen is a ransomware variant belonging to the Phobos family that we discovered while examining malware samples submitted to the VirusTotal page. We learned that Dzen encrypts files (and modifies their filenames) and provides two ransom notes ("info.txt" and "info.hta"). Dzen appends the victim's I
While investigating the website, we found that breliu[.]shop is among the numerous deceitful pages employing clickbait tactics to gain visitors' permission to send notifications. Rarely do users intentionally navigate to sites such as breliu[.]shop, and they should promptly close them upon arrival