Upon downloading a suspicious installer from an untrustworthy website, our team identified superstar3.io, a deceptive search engine that presents search results sourced from various other search engines. It is important to note that the installer used to promote superstar3.io may include additiona
During our analysis of Currency Conversion Extension, our team identified traits commonly associated with a browser hijacker. Typically, such applications take over web browsers by modifying their settings. It is common for browser hijackers to promote fake search engines. The Currency Con
Upon reviewing this email, our team has determined that its intent is to deceive recipients into disclosing their personal information. These types of emails are commonly known as phishing emails, and the scammers behind this particular phishing campaign are trying to lure recipients into submitti
After a thorough evaluation of the DeployPlatform application, we have determined that it displays intrusive advertisements. Such applications are typically classified as adware or advertising-supported applications. It is not unusual for users to inadvertently install adware without a complete
Our researchers discovered the DebugRootMouse application during a routine inspection of new file submissions to the VirusTotal website. After analyzing this piece of software, we learned that it is adware belonging to be AdLoad malware family. DebugRootMouse is designed to run intrusive advert
Dark Mode Ext is a rogue browser extension that promises to create a dark mode for browsers. Our researchers discovered this piece of software while investigating questionable websites. After examining Dark Mode Ext, we determined that it is a browser hijacker. This extension modifies browser set
"Deletion Of Your Account" is a phishing email. This fake message claims that the recipient's email account will be deleted unless it is updated. Preventing the supposed termination requires the user to sign into their account via a phishing site that records entered credentials. The spam
While checking our untrustworthy websites, our researchers discovered the "Lucky baro" browser extension. It operates by changing browser settings to promote (via redirects) the barosearch.com illegitimate search engine. This behavior classifies Lucky baro as a browser hijacker. On our tes
While investigating suspicious sites, our research team discovered the Chromstera browser. This application is based on Chromium – an open-source web browser project. If Chromstera has infiltrated your system, it is highly likely that this app arrived alongside other unwanted or potentially malic
Our research team discovered an installation setup containing the CirrusCastellanus browser extension during a routine inspection of untrustworthy websites. The exact modus operandi of this piece of malicious software is unknown. It is evident, based on the permissions for CirrusCastellanus, that