Ysearcher.com is the address of a fake search engine. These pages typically cannot provide search results and redirect to legitimate Internet search websites. Fraudulent search engines are usually promoted (via redirects) by browser hijackers. Software within this classification tends to alter br
In our evaluation of the email, it has become evident that it is authored by scammers with the intention of deceiving recipients into divulging sensitive information. Disguised as a notification from OneDrive, the email includes a link to a fraudulent webpage. Such emails are commonly referred to
LockBit 4.0 is a new variant of the LockBit ransomware. This version was released in February 2024, the same month law enforcement agencies arrested two LockBit operators. Five days following the breach, the threat actors released a statement regarding restructuring and intentions to continue oper
In the course of our inspection of malware samples on VirusTotal, we came across a ransomware variant dubbed Frea. As a rule, malware of this type encrypts files and demands payment for decryption. In addition to encrypting files, Frea appends its extension to filenames (".frea"), provides a ranso
During our examination of the updates-mac[.]com page, we noted its practice of displaying deceptive content to persuade visitors to grant permission for notifications. Such websites, including updates-mac[.]com, should not be trusted, as their notifications may direct users to potentially harmful
During our examination of the Words Finder browser extension, we discovered that it compels users to visit wordsfinder.xyz by altering the settings of their web browser. This action constitutes browser hijacking. It is advisable for users to remove applications like Words Finder from hijacked brow
In our examination of the TechLookupTool application, we determined its primary function is to present users with assorted advertisements, categorizing it as adware. Apps like TechLookupTool are notorious for displaying deceptive ads and potentially gathering diverse user data. Consequently, it
Our research team found the ProgramIndexer app while reviewing file submissions to the VirusTotal website. After inspecting this application, we determined that it is advertising-supported software (adware) from the AdLoad malware family. Adware generates revenue for its developers throu
Wallpapers - New Tab is a rogue browser extension discovered by our researchers during a routine investigation of questionable websites. This software promises to display browser wallpaper. However, upon inspection, we learned that Wallpapers - New Tab modifies browser settings to promote the khe
Upon examination, we determined that the "Confirm Hotel Bank Account" email is malspam. This letter requests the recipient to review the attached receipt to confirm that the correct bank account is indicated in the payment. However, the attachment is intended to infect devices with the XLoader mal