While investigating questionable websites, our research team found multipleday[.]com. After examining this rogue page, we learned that it is designed to promote browser notification spam and redirect users to different (likely unreliable/harmful) sites. Most visitors access webpages like multipled
Our team has inspected webbearsearch.com and found that it is a fake search engine. This fake search engine is promoted via a browser hijacker, an extension known as Web Bear Search. It is highly recommended to avoid visiting/using search engines like webbearsearch.com, especially those promoted v
While reviewing new submissions to the VirusTotal website, our research team discovered the Anonymous Encryptor malicious program. After analyzing this malware, we determined that it is identical to two ransomware-type programs – GhosHacker and BlackSkull. Anonymous Encryptor ransomware encrypts
Our analysis of froommixoria[.]com has uncovered that it is a deceptive website designed to deceive unsuspecting visitors into agreeing to receive notifications from the site. Notifications from websites like froommixoria[.]com are not reliable. Therefore, such pages should not be permitted to sen
While investigating suspicious websites, our researchers discovered the doidacers[.]com rogue page. It operates by promoting browser notification spam and redirecting users to other (likely dubious/dangerous) sites. Webpages like doidacers[.]com are most often accessed through redirects generated
During our analysis of samples uploaded to the VirusTotal page, we discovered a ransomware variant belonging to the Djvu family known as Watz. This variant encrypts files and adds its extension (".watz") to filename. For instance, it changes "1.jpg" to "1.jpg.watz" and "2.png" to "2.png.watz". Als
We have analyzed undenentionin[.]com and found that this page is designed to trick visitors into permitting it to deliver notifications. Once this permission is granted, the website bombards users with various spam notifications, including deceptive ones. Users who have granted notification permis
CarnavalHeist is a banking Trojan targeting users in Brasil. It is capable of stealing banking credentials and performing other actions. Having a device infected with CarnavalHeist can result in financial loss, identity theft, and other issues. Thus, CarnavalHeist should be eliminated from comprom
Our inspection of this "American Express - Username/Password Has Been Updated" email revealed that it is fake. The spam letter states that the log-in credentials for the recipient's American Express account have been changed. If they do not recognize this activity – they can keep their old usernam
After inspecting this "Commerzbank" email, we determined that it is fake. This spam letter requests the recipient to provide their identification to avoid cessation of their banking services. It must be emphasized that the claims made by this email are false, and this mail is not associated with