Our research team discovered the hintonjour[.]com rogue page while checking out suspicious sites. It pushes browser notification spam and redirects users to different (likely unreliable/harmful) websites. Most visitors to hintonjour[.]com and similar webpages access them through redirects caused b
Our investigation has revealed that Games Day is a browser extension that utilizes browser hijacking to promote the website games-day.com. Unfortunately, games-day.com is a fake search engine that does not offer unique search results. In most cases, users inadvertently download and install/add bro
After inspecting this "Kuwait Airways" email, we determined that it is spam. This letter requests the recipient to provide any inquiries they have, and it contains a malicious attachment designed to infect systems with Agent Tesla malware. It must be emphasized that this email is fake, and it is
We examined allimpactdesign[.]com and learned that this website uses a deceptive tactic to trick visitors into allowing it to send notifications and redirects them to other suspicious websites. We discovered allimpactdesign[.]com while inspecting pages that use rogue advertising networks.
Our researchers discovered the lax-search.com fake search engine while inspecting browser hijackers. This software typically promotes (via redirects) websites like lax-search.com. These search engines are rarely capable of providing search results, and while lax-search.com can generate them – the
During our investigation of pages utilizing rogue advertising networks, we came across agabreloomr[.]com. This site employs a clickbait tactic to deceive visitors into consenting to receive push notifications, and it also directs users to other websites. We advise users not to visit or trust this
SirAttacker is ransomware that our team discovered during an analysis of malware samples submitted to VirusTotal. SirAttacker encrypts data, appends its extension (four random characters) to filenames, changes the desktop wallpaper, and displays a ransom note. An example of how SirAttacker modifi
Our research team discovered the adforprocessor[.]com rogue page during a routine inspection of suspicious websites. This webpage operates by promoting browser notification spam and redirecting visitors to other (likely unreliable/harmful) sites. Users primarily access pages like adforprocessor[.
After conducting an inspection of advnotsystems[.]com, we have determined that it is a deceptive page that displays a fake message in an attempt to persuade visitors to agree to receive notifications. Furthermore, we discovered that advnotsystems[.]com redirects visitors to other shady sites. As a
While investigating new submissions to VirusTotal, our researchers discovered the Clown ransomware. This malicious program is based on the Chaos ransomware. When we executed a sample of Clown (Chaos) ransomware on our testing system, it encrypted files and appended their filenames with a ".clown"