Procaptchahub[.]top is a rogue page designed to endorse browser notification spam and redirect visitors to different (likely untrustworthy/harmful) websites. Users typically access webpages of this kind through redirects caused by sites employing rogue advertising networks. We discovered procaptc
Isearch.start.fyi is the address of an illegitimate search engine. Websites of this kind are usually promoted by browser-hijacking software. It makes changes to browser settings in order to cause redirects to these sites. Furthermore, both fake search engines and browser hijackers typically collec
Our researchers discovered the CommonHandler application during a routine inspection of new submissions to the VirusTotal website. Following our examination of this app, we determined that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported softwa
WannaCry 3.0 is the name of a ransomware-type program. It is presented as a new variant of the WannaCry ransomware. Impersonator programs typically aim to use the original's notoriety. WannaCry 3.0 is actually based on the open-source Crypter (Python) ransomware. Malware within the ransomware cat
After inspecting lacmeeftsurvey[.]space, we concluded that it is an untrustworthy page running a survey scam. Also, lacmeeftsurvey[.]space wants to show notifications and redirect users to other websites. It is worth mentioning that users do not open pages like lacmeeftsurvey[.]space intentionally
During our investigation, we discovered that advtgroup[.]com employs a deceptive tactic to deceive visitors into granting permission for notification display. Furthermore, this website redirects users to other dubious sites. It should be noted that users often come across sites like advtgroup[.]co
After examining the "Social Security Administrator" email, we determined that it is spam. We found two variants of this mail; the text in the body of the letter was the same, while the attachments differed. This scam uses false claims regarding serious Social Security number issues to trick recipi
While investigating websites employing questionable advertising networks, we encountered topatincompany[.]com, which is among the numerous sites that employ deceptive tactics to deceive visitors into granting permission to display notifications. Furthermore, while browsing topatincompany[.]com, vi
FantasyMW is a rebrand of goatRat malware. FantasyMW is an Android banking trojan, a type of malware that specifically targets banking-related information. There are several variants of this malicious program, with one of the main differences in-between being the number of Brazilian banks it targ
While investigating new submissions to VirusTotal, our research team discovered another ransomware based on Chaos – called Eren Yeager. Malware within this classification is designed to encrypt data and demand payment for its decryption. After we executed a sample of Eren Yeager ransomware on our