"Please Install The Root Certificate" is a malware-proliferating online scam, which is part of the ClickFix campaign. It comprises fake Google Chrome pop-up alerts that claim an error occurred when displaying a website. The scheme provides steps for addressing the bogus issue, which leads to victi
Our researchers discovered the OptimalValue rogue app while inspecting new file submissions to the VirusTotal site. Upon examination, we determined that this application is advertising-supported software (adware). OptimalValue is part of the AdLoad malware family. Adware is designed to f
Our research team discovered an app named ProgramSource during a routine investigation of new submissions to VirusTotal. After analyzing this application, we determined that it is adware from the AdLoad malware family. ProgramSource operates by running intrusive advertisement campaigns.
After inspecting the "DNS Error" email, we determined that it is spam. It states that several messages sent by the user have failed to reach the intended recipients due to a DNS error. This mail promotes a phishing website seeking email log-in credentials by disguising it as a way to address the f
We have inspected this email and concluded that its goal is to extract personal information from unsuspecting recipients. The email described in our article masquerades as a notification from Crédit Agricole, a legitimate French international banking group. Such fraudulent emails are referred to a
Energyprotab.com is the address of a fake search engine that we discovered promoted by the Energy Pro Tab browser hijacker. This extension is endorsed as a tool that allows users to customize their browser tabs and support green energy initiatives. Instead, Energy Pro Tab makes changes to browser
We have examined the site and found that it is a scam page designed to trick visitors into believing that an unusual application has been detected in their operating system. The purpose of this scam is to lure unsuspecting users into calling the provided number. Such fraudulent schemes are known a
We found that srcingan.com is a fake search engine promoted via a browser hijacker known as Anime Nook. Usually, browser hijackers promote fake search engines by changing the settings of hijacked browsers. Users often add apps of this type unintentionally (without knowing these apps will hijack th
Upon inspecting Cyclostomatous, we concluded that it functions as adware (the app delivers annoying advertisements) and is part of the Pirrit family. In order to avoid potential issues, users should not install apps like Cyclostomatous and remove them from affected devices as soon as possible.
Our researchers found the Lobelia application while investigating new file submissions to the VirusTotal platform. Upon closer inspection, we determined that it is adware from the Pirrit family. Advertising-supported software operates by running intrusive advertisement campaigns and may possess