CCC USA is ransomware that prevents victims from accessing their files by encrypting them. Also, CCC USA appends the ".cccusawasted" extension to filenames and provides a ransom note (creates "[filename]_info" files containing the same ransom note for each encrypted file). An example of how CCC U
Upon investigation of readytodistribute.com, we have determined that it is an unreliable search engine that may present false results and ads. Typically, search engines of this nature are endorsed through browser hijackers - applications that modify web browser settings. It is recommended to avoid
While investigating rogue software, our researchers discovered the searchmetoday.com fake search engine. Websites of this kind usually cannot provide search results, but searchmetoday.com is an exception. However, the results it generates are irrelevant and can include unreliable/deceptive content
After inspecting the "DHL - A Parcel Was Sent To You" email, we determined that it is fake. This spam letter is disguised as a notification from DHL regarding a shipment. This phishing mail aims to trick recipients into disclosing their email account log-in credentials. It must be stressed that th
Thebestcaptcha[.]top is a rogue page that our research team discovered while inspecting suspicious websites. It operates by endorsing browser notification spam. At the time of research, the webpage did so by employing fake CAPTCHA verification. Furthermore, thebestcaptcha[.]top can redirect visito
ALC is ransomware that does not encrypt files (unlike most ransomware variants). It imitates a lock screen (displays a ransom note in full screen) and drops several files on the victim's Desktop. ALC's ransom note provides contact and payment information. Screenshot of a fake lock screen displ
Our research team discovered the "Your NordVPN AntiVirus License Has Expired!" scam while investigating rogue websites. This scheme is presented as a warning regarding the expired license of NordVPN, and it urges the user to renew it. In most cases, deceptive content of this kind is used to promo
Our team has identified softstrorright[.]com as an untrustworthy website that solicits users to download a file and request permission to display notifications. Our team discovered softstrorright[.]com while analyzing sites that use rogue advertising networks. Typically, users access pages like so
Our researchers discovered the lightfoot[.]top rogue page while investigating untrustworthy websites. We found two appearance versions of this webpage, both designed to promote browser notification spam. Additionally, lightfoot[.]top is capable of redirecting visitors to other (likely unreliable/h
After examining browsing-guard.xyz, our team has determined that it is a fake search engine. It is worth mentioning that such search engines are typically pushed through applications that alter the configuration of web browsers, referred to as browser hijackers. Users rarely download and add apps