While examining samples submitted to VirusTotal, we discovered ransomware dubbed BIG HEAD. This ransomware encrypts files, replaces filenames with random strings, and generates a ransom note ("README_[random_number].txt"). An example of how BIG HEAD renames files: it changes "1.jpg" to "Mi5wbmc=",
While investigating questionable advertising networks, we stumbled upon nodritsissub[.]com. This website exhibits misleading content in an attempt to trick visitors into subscribing to its notifications. Additionally, nodritsissub[.]com redirects visitors to other websites. When visiting n
Thenicejournal[.]com is a rogue webpage that we discovered while checking out suspicious sites. It operates by pushing browser notification spam and redirecting visitors to other (likely unreliable/harmful) pages. Users primarily enter such webpages through redirects caused by sites that employ ro
Magic-dark.xyz is the URL of an illegitimate search engine. It cannot provide search results and redirects to a genuine Internet search site. Fake search engines are commonly promoted by browser hijackers. This software modifies browser settings in order to cause redirects to the endorsed website
Overheatusa[.]com is a rogue site that we discovered while investigating dubious webpages. It promotes browser notification spam and redirects visitors to different (likely unreliable/hazardous) websites. Most users enter such pages through redirects caused by websites using rogue advertising netw
Our researchers discovered the Nature Extension while inspecting suspicious websites. This browser extension displays nature-themed browser wallpapers. After analyzing Nature Extension, we learned that it is a browser hijacker. It makes changes to browser settings in order to promote the find.bsea
Our research team found the rechanque[.]com page during a routine investigation of suspect websites. It operates by promoting spam browser notifications and redirecting users to other (likely untrustworthy/dangerous) sites. Most visitors to webpages like rechanque[.]com enter them through redirec
Upon analysis of the Architecture Tab browser extension, our team has determined that it operates as a browser hijacker by altering browser settings to promote a fake search engine called srchingoz.com. It is important to note that users typically add browser hijackers such as Architecture Tab to
Owletguide[.]com is a rogue webpage that our research team discovered while investigating dubious websites. This page is designed to push browser notification spam and redirect visitors to different (likely unreliable/malicious sites). Users typically enter webpages like owletguide[.]com through
Gosteadybuddy[.]store has been identified as an untrustworthy website that uses clickbait tactics to deceive visitors into subscribing to its notifications. Our team found gosteadybuddy[.]store while researching web pages that use questionable advertising networks. It is worth noting that most use