While investigating deceptive websites, our researchers discovered the Download Checker browser extension. It is promoted as a tool for testing Internet speed. However, our analysis of Download Checker revealed that it operates as advertising-supported software (adware) instead. Adware is
During a routine inspection of new submissions to VirusTotal, we discovered the Worlddecoding malicious program that is practically identical to World2022decoding ransomware. After we executed a sample of Worlddecoding ransomware on our testing system, it encrypted files and appended their titles
While analyzing the Duplicatefinder application, our team found that it displays annoying advertisements. Apps that bombard users with ads are classified as adware. We discovered Duplicatefinder while examining a download assistant downloaded from a shady website. As its name suggests, Dup
While checking out new submissions to VirusTotal, our research team discovered the EazyBit rogue application. After inspecting it, we determined that this piece of software operates as adware. We also learned that EazyBit is part of the AdLoad malware family. Adware stands for advertisin
Rhadamanthys is a stealer-type malware, and as its name implies - it is designed to extract data from infected machines. At the time of writing, this malware is spread through malicious websites mirroring those of genuine software such as AnyDesk, Zoom, Notepad++, and others. Rhadamanthys is down
While testing the OneBlock application, our team noticed that it displays annoying advertisements. Thus, we classified OneBlock as adware (advertising-supported software). It is common for adware to be promoted and distributed using deceptive methods. We discovered OneBlock while analyzing a page
It is a fake pop-up message (a fake virus warning) displayed by a deceptive website. After examining this page, our team concluded that it uses a scare tactic to trick visitors into downloading and adding extensions to browsers (or installing untrustworthy applications on computers). We discovered
While checking out new submissions to VirusTotal, our researchers discovered the District ransomware. This type of malware is designed to encrypt data and demand payment for decryption. On our test machine, District encrypted files and changed their filenames by appending them with the cyber crim
We have inspected gosearches.gg and found that it is a fake search engine promoted via browser hijackers. Our team has also noticed that gosearches.gg is often the final destination URL in redirect chains (e.g., gosearches.gg gets opened via searchesmia.com). It is highly advisable not to trust go
Our team has examined captchafair[.]top and learned that this site shows a deceptive message to trick visitors into allowing it to show notifications. Also, captchafair[.]top redirects visitors to other untrustworthy web pages. We have discovered captchafair[.]top while inspecting sites that use s