Our researchers discovered the HTTP Error Decoder browser extension while inspecting untrustworthy websites. It is promoted as a tool that eases navigation in error-prone sites. After examining this rogue extension, we determined that it is advertising-supported software (adware). HTTP Error Deco
Forest Wallpapers is a rogue browser extension that modifies browser settings to promote (via redirects) the forestwallpapers.online fake search engine. Due to this behavior, the Forest Wallpapers extension is classified as a browser hijacker. Browser-hijacking software reassigns browsers'
Halo is a ransomware-type program. It is designed to encrypt data and demand ransoms for the decryption. On our test system, Halo encrypted files and appended their filenames with a ".halo" extension. To elaborate, a file initially titled "1.jpg" appeared as "1.jpg.halo", "2.png" as "2.png.halo",
While investigating untrustworthy websites, our research team discovered the "Your Security Is Not Up-To-Date" technical support scam. It makes false claims regarding the visitor's computer being infected and the system being locked for security purposes. The goal is to trick the user into calling
During an examination of safetyapp[.]click, it has been found that this is a deceptive website created to trick visitors into believing that their computers are infected. Also, this site aims to receive permission to show notifications. For these reasons, safetyapp[.]click should not be trusted.
The Errors Explained app is a helpful tool intended to enhance the browsing experience, assisting with decoding error codes. However, upon closer scrutiny, it becomes apparent that Errors Explained is, in fact, responsible for displaying bothersome and intrusive advertisements. These types of appl
FakeBat (also known as EugenLoader) is a malicious software loader and dropper that has emerged as a significant player in the world of cyber threats. FakeBat has been associated with malvertising campaigns since at least November 2022. Although the specific payload delivered by FakeBat in these
Following a comprehensive review of this email, it has been confirmed that it is a fraudulent message crafted to entice recipients into accessing the attached file. The main goal of the cybercriminals behind this scheme is to deceive recipients into unknowingly executing malicious software on thei
While examining malware samples uploaded to VirusTotal, we discovered a ransomware variant called Itqw. This ransomware is responsible for encrypting files and modifying their filenames by adding the ".itqw" extension. Additionally, Itqw creates a ransom note, a file named "_readme.txt". Itqw mod
While analyzing malware samples on VirusTotal, we came across a ransomware variant identified as Ithh. This ransomware encrypts files and modifies their filenames by appending the ".ithh" extension. Additionally, Ithh generates a ransom note, which can be found within a file named "_readme.txt".