While investigating suspicious websites, our researchers discovered the "Operating System Blocked Due To Questionable Activity" technical support scam. The aim of this deceptive content is to trick users into calling fake Microsoft support in order to unblock their device and resolve other potenti
Our research team found the gemshaper[.]top rogue page while reviewing questionable websites. Two appearance variants of this webpage were discovered, both using fake CAPTCHA tests to promote browser notification spam. Additionally, this site can generate redirects to other (likely dubious/malicio
The Close All Tabs application is marketed as a convenient tool for swiftly closing all open tabs, including pinned tabs and those in incognito mode, with just one click. However, upon inspection, it has come to light that Close All Tabs exhibits intrusive advertisements. Such applications are typ
Upon examining the New key browser extension, it has been concluded that its purpose is to function as a browser hijacker. More precisely, this app is created to change the settings of hijacked browsers to force users to use keysearchs.com, a fake search engine. Applications of this nature should
Keylock is a ransomware-type program discovered by our researchers during a routine inspection of new file submissions to the VirusTotal platform. Ransomware operates by encrypting files to demand payment for the decryption. On our testing system, Keylock encrypted files and appended their filena
After careful analysis, it has been established that this email intends to entice recipients to open the attached file and submit their personal information. This email is disguised as correspondence from Intuit, an American business software company. Such emails, often referred to as phishing ema
The Choose All Languages application is marketed as a browser enhancement tool that facilitates text translation through a simple right-click anywhere in the browser. Nevertheless, a closer examination has unveiled that Choose All Languages presents intrusive advertisements. Such applications are
Hjutm is ransomware belonging to the Xorist family. It has been discovered while examining samples uploaded to the VirusTotal page. Hjutm is designed to encrypt files, rename all encrypted files (append the ".hjutm" extension to filenames), display an error window, and create the "КАК РАСШИФРОВАТЬ
AmebelodonFricki is a malicious browser extension capable of reading and changing certain data, managing other extensions, and controlling the Chrome browser in other ways. This app is distributed via a malicious installer we have discovered on a suspicious website. Thus, users should avoid adding
After a thorough analysis of the page, it became evident that it employs deceitful tactics to mislead visitors into thinking they need to take specific actions to eliminate the purportedly detected viruses. This website displays counterfeit messages and other content with the intention of deluding