Our malware experts came across Darj while analyzing malware samples submitted to VirusTotal. Darj is ransomware that is part of the Djvu family. Its modus operandi is to encrypt data and affix the ".darj" extension to the filenames and produce a ransom note (the "_readme.txt" file). An example o
Updaterlife[.]com is a rogue page that we discovered while investigating suspicious websites. It promotes browser notification spam and redirects visitors to different (likely untrustworthy/dangerous) sites. Users primarily access webpages like updaterlife[.]com via redirects caused by sites usin
Our research team discovered the Ads Blocker Pro browser extension while investigating rogue webpages. This extension is promoted as an adblocker – a tool that removes advertisements. However, our analysis revealed that Ads Blocker Pro operates as adware. Hence, instead of blocking adverts – it di
Finderesults.com is the URL of a fake search engine. Unlike most sites of this kind, it can generate search results. However, they are inaccurate and may include unreliable/deceptive content. Typically, illegitimate search engines are promoted by browser hijackers, which modify browser settings t
Our researchers discovered the uddininc[.]com rogue page while investigating dubious websites. It operates by promoting browser notification spam and redirecting users to other (likely unreliable/hazardous) sites. Most visitors to uddininc[.]com and similar websites access them through redirects
Our researchers discovered bestresultsfast.com while investigating rogue software. This website is a fake search engine that can generate search results that are inaccurate and may include deceptive/dangerous content. In most cases, sites like bestresultsfast.com are promoted (via redirects) by b
While testing searchenginezones.com, we found that it is a questionable search engine that may display irrelevant results and untrustworthy advertisements. It is worth noting that search engines like searchenginezones.com usually are promoted via browser hijackers. Apps of this type modify web bro
Our researchers discovered the Basn malicious program during a routine inspection of new submissions to VirusTotal. Basn is classed as ransomware – a type of malware that encrypts data and demands ransoms for decryption. Once we launched a sample of this ransomware on our test machine, it began e
After analyzing checkingsystem[.]site, we learned that this site runs the "McAfee - Your PC is infected with 5 viruses!" scam and asks for permission to send deceptive notifications (show untrustworthy advertisements). We discovered checkingsystem[.]site while examining other unreliable sites.
Searchfme.com is a fake search engine. While most sites of this kind cannot provide search results, this website can – although they are inaccurate and include unreliable/deceptive content. Typically, websites like searchfme.com are promoted by browser hijackers. Furthermore, these pages and the