Weyshare[.]com is a fake cryptocurrency platform. After our examination, it became evident that this scam website aims to trick users into transferring cryptocurrency to scammers. It might also operate as a phishing site targeting log-in credentials. As mentioned in the introduction, weysh
During our investigation, we discovered that searchingdb.com acts as an intermediary in redirection chains utilized by browser hijackers. Therefore, if users experience redirects to and from searchingdb.com, it is likely that an untrustworthy extension has hijacked their browsers. Browser
During our examination, we discovered that Dragon Search Solutions functions as a browser hijacker. Its primary aim is to promote a fake search engine by modifying the settings of the hijacked browser. Additionally, Dragon Search Solutions possesses the ability to access specific user data.
Through our analysis of the SorbusAucuparia app, we determined that it is a malicious extension distributed using a deceptive page. SorbusAucuparia can enable the "Managed by your organization" feature, read and change various data, and manage other extensions (and themes). Thus, affected users sh
While browsing suspect sites, our research team found the vast-conexxion[.]com rogue webpage. It promotes dubious/deceptive content and browser notification spam. Vast-conexxion[.]com can also redirect users to other (likely untrustworthy/dangerous) websites. Pages of this kind are primarily acces
"Email Failed To Sync" is a spam email that promotes a phishing scam. This fake letter states that the recipient has pending messages that failed to reach their inbox. When a user attempts to review the nonexistent emails, they are redirected to a phishing website that targets log-in credentials.
Our researchers discovered "Taskbar system" while inspecting dubious websites. It is promoted as a tool for altering the taskbar, e.g., color changes, transparency adjustments, etc. After examining this piece of software, we determined that it is a PUA (Potentially Unwanted Application) that opera
While inspecting dragonorders.com, we learned that it is a shady address commonly encountered when certain malicious extensions are added to browsers. Those malicious extensions redirect users to dragonorders.com to promote adware-type apps, browser hijackers, and other unwanted apps. Thus, apps a
Our researchers discovered Dispout while investigating suspicious websites. It is endorsed as a tool that allows users to schedule breaks (e.g., for stretching, exercising, etc.). However, upon inspection, we determined that Dispout is proxyware (an Internet bandwidth hijacker). Additionally, it i
While browsing questionable websites, our researchers found the Walliant application. It is endorsed as an app that automatically changes desktop wallpapers to stunning images from around the world. However, Walliant operates as proxyware, i.e., it hijacks Internet bandwidth. This app might also