Mysearch.world is a browser extension that forcibly promotes a fake search engine called mysearch.world. It achieves this by hijacking the web browser (modifying its settings). It is worth mentioning that browser hijacking often occurs without the user's knowledge. Mysearch.world applicati
Our research team discovered the DigitalSphere application while inspecting new submissions to the VirusTotal website. After examining this piece of software, we learned that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. It operate
Our research team discovered the Drop Tab browser extension while examining suspicious sites. It is endorsed as a tool that displays browser wallpapers. However, after investigating this piece of software, we determined that it makes changes to browser settings in order to promote (via redirects)
WikiLoader is a sophisticated loader-type malware. Malicious programs within this category are designed to cause chain infections, i.e., download/install additional malware. WikiLoader has been around since at least December 2022, and there are several versions of this program. This loader has be
Upon reviewing this email, our team has determined that its intent is to deceive recipients into divulging personal information. These types of emails are known as phishing emails, and the scammers responsible for this particular email seek to lure victims into submitting sensitive data on a fraud
During our examination, we identified this email as a fraudulent attempt by scammers to obtain personal information. Disguised as a DHL reminder, the email contains a deceptive link leading to a phishing website that imitates DHL's official site. Therefore, recipients should disregard and avoid in
Fruity is a downloader trojan that specifically targets Windows users and operates with a modular approach. With the assistance of Fruity, threat actors can infect computers with various types of malware, depending on their objectives. They employ a range of techniques to conceal the attack and en
Krize is ransomware that our team discovered while examining samples uploaded to the VirusTotal platform. We found that Krize encrypts files, appends the ".krize" extension to filenames, changes the desktop wallpaper, and creates a file named "leia_me.txt" containing a ransom note. An example of
After analyzing the LaneAnnual application, our team has identified characteristics that classify it as adware. Adware developers often employ dubious tactics for promotion and distribution. Thus, users often download and install apps like LaneAnnual inadvertently. It is recommended not to trust
Privacy-onbrowser[.]com is a rogue page that promotes scams and browser notification spam. Additionally, it can redirect visitors to different (likely untrustworthy/malicious) websites. Most visitors to privacy-onbrowser[.]com and webpages akin to it – access them through redirects generated by s