Our team has identified softstrorright[.]com as an untrustworthy website that solicits users to download a file and request permission to display notifications. Our team discovered softstrorright[.]com while analyzing sites that use rogue advertising networks. Typically, users access pages like so
Our researchers discovered the lightfoot[.]top rogue page while investigating untrustworthy websites. We found two appearance versions of this webpage, both designed to promote browser notification spam. Additionally, lightfoot[.]top is capable of redirecting visitors to other (likely unreliable/h
After examining browsing-guard.xyz, our team has determined that it is a fake search engine. It is worth mentioning that such search engines are typically pushed through applications that alter the configuration of web browsers, referred to as browser hijackers. Users rarely download and add apps
Cleanmode.xyz is the address of a fake search engine. Sites within this classification cannot provide search results and redirect to legitimate ones. Illegitimate search engines are typically promoted (via redirects) by browser hijackers. These sites and the software endorsing them tend to collect
STAR VS THE FORCES OF EVIL is ransomware we discovered while checking the VirusTotal page for recently submitted malware samples. STAR VS THE FORCES OF EVIL encrypts files, appends the ".STARVSTHEFORCESOFEVIL" extension to filenames, and drops the "how_to_back_files.html" file (a ransom note). An
Our research team discovered the eLiteSort malicious program during a routine inspection of deceptive websites. The installer promoting this program also installed the Info adware on our test machine. Therefore, it is highly likely that if eLiteSort is detected on the system – other unwanted/harmf
While checking out rogue websites, our research team found an installation setup containing an adware-type application named Info. It is pertinent to mention that said installer was also bundled with the eLiteSort malware. Adware stands for advertising-supported software. It is designed to
Our team has concluded that nowcaptchahere[.]top is an unreliable website that shows a deceptive message to trick visitors into consenting to receive notifications. It is common for individuals to access websites like nowcaptchahere[.]top accidentally. We found nowcaptchahere[.]top while examining
During our examination of malware samples submitted to VirusTotal, we came across a variation of Djvu ransomware known as Coaq. This version encrypts files and adds the ".coaq" extension to their names. Moreover, Coaq also creates a ransom note file named "_readme.txt". Since Coaq is associated w
Our investigation of malware samples uploaded to VirusTotal has uncovered a new version of the Djvu ransomware dubbed Cosw. Its primary aim is to encrypt files on the infected computer and rename them with by appending the ".cosw" extension. Cosw also creates a file named "_readme.txt", which cont