Our findings from testing the ServiceConfig app indicate that it functions as adware. Upon installation, ServiceConfig bombards users with intrusive advertisements and may harvest browsing-related and other data. Thus, ServiceConfig should be uninstalled from affected computers. ServiceC
We have inspected webseatzelive[.]com and discovered that the purpose of this site is to trick unsuspecting visitors into allowing it to show notifications. The page employs a clickbait technique to receive this permission. Users should avoid visiting webseatzelive[.]com and similar web pages.
During our examination of malware samples uploaded to VirusTotal, we discovered a ransomware variant known as SRC. We found that this ransomware variant belongs to the Makop family. Upon infiltration, SRC encrypts files, appends the victim's ID, restoreBackup@cock.li email address, and the ".SRC"
Color-picker-tab.com is the address of a fake search engine. We found this site while investigating a browser extension named – color-picker-tab. This extension makes changes to browser settings to promote (via redirects) the color-picker-tab.com webpage. This behavior categorizes color-picker-tab
While inspecting the Random Year Fact browser extension, we discovered the random-year-facts.com fake search engine. This extension supposedly provides random facts for a specific year. However, Random Year Fact makes alterations to browser settings in order to generate redirects that land on the
Chuck-norris-tab.com is the address of a fake search engine that we discovered while investigating a browser hijacker called – Chuck Norris Tab. This rogue software is endorsed as an extension providing Chuck Norris "facts". However, Chuck Norris Tab modifies browsers to promote (through redirects
While investigating a Torrenting website that uses rogue advertising networks, we found a deceptive page promoting an installer containing the CyberSound AudioDirector PUA (Potentially Unwanted Application). Apps within this classification typically have harmful capabilities. Furthermore, this in
Our inspection of psormonsh[.]com has uncovered that this is a deceptive website designed to lure users into agreeing to receive its notifications. To achieve this, psormonsh[.]com uses a clickbait technique. Additionally, psormonsh[.]com may redirect visitors to other sites of this kind. Thus, us
Gym-newtab.com is a fake search engine that we found while inspecting the Gym New Tab browser hijacker. It modifies browser settings to generate redirects to the gym-newtab.com site. We discovered this rogue browser extension promoted on a deceptive webpage. However, Gym New Tab might infiltrate
EMBARGO is ransomware, a type of malware that encrypts files on the infected device. Also, it appends a random extension to filenames and creates a ransom note "HOW_TO_RECOVER_FILES.txt". An example of how EMBARGO modifies filenames: it renames "1.jpg" to "1.jpg.564ba1", "2.png" to "2.png.564ba1",