During our analysis of FoodSearchTab, our team identified traits typically associated with a browser hijacker. Usually, apps of this type hijack web browsers by changing their settings. It is common for browser hijackers to promote fake search engines. Users often download and add these apps to th
World Weather is advertised as a weather app that offers users access to weather information directly from their homepage. However, we found that this app is a browser hijacker. World Weather promotes a fake search engine by modifying some browser settings. Thus, it is not recommended to trust thi
While reviewing suspicious sites, our researchers discovered the mca-check[.]click rogue webpage. It promotes scams and browser notifications spam. Additionally, this page can redirect users to different (likely unreliable/malicious) sites. Most visitors to mca-check[.]click and similar webpages
Our research team found the EssentialPlatform app while investigating new submissions to the VirusTotal website. After examining this application, we determined that it is advertising-supported software (adware). We also learned that EssentialPlatform is part of the AdLoad malware family.
While investigating suspicious websites, our research team discovered the "Supernova: Productivity and relaxation" browser extension. According to its promotional material, this extension displays browser wallpapers. However, after examining this piece of software, we determined that it is a brow
Our research team discovered the DUMP LOCKER ransomware during a routine inspection of new submissions to the VirusTotal website. Malware within this category operates by encrypting data in order to demand ransoms for its decryption. On our test machine, DUMP LOCKER displayed a fake Windows updat
After investigating the "Two-Factor Verification" email, we determined that it is spam. The letter falsely claims that the recipient's email account must be authenticated for security purposes. This mail promotes a phishing website that mimics the recipient's email account sign-in page. Th
Prizehubtop[.]top is an untrustworthy page that our team discovered while inspecting pages associated with shady advertising networks. The purpose of prizehubtop[.]top is to trick visitors into permitting it to show notifications. Users should never allow such pages to send notifications.
Our team examined this page and found that it shows a deceptive message that claims users are eligible for a free giveaway. It is not a genuine giveaway, and scammers attempt to collect personal data for malicious purposes, such as identity theft, spamming, or selling information to other criminal
SXH is a data-stealing malware developed in the Go programming language. Its primary objective is to collect a wide range of data from infected systems. The stolen data can then be exploited for various malicious purposes, including identity theft, financial fraud, and other cybercrimes. Thus, SXH