xCor is ransomware designed to encrypt files, change their filenames (by appending the victim's ID, xcorp@decoymail.mx email address, and ".xCor" extension), and provide two ransom notes (display pop-up window and create the "info.txt" file). We discovered xCor during our analysis of malware sampl
Soccer Leagues is a rogue browser extension. After analyzing this piece of software, we determined that it is a browser hijacker. Soccer Leagues modifies browser settings in order to cause redirects. Additionally, this extension likely collects sensitive user data. Browser-hijacking softwa
Bandit is a type of information-stealing malware written in the Go programming language. It is designed to bypass detection mechanisms and targets various web browsers and cryptocurrency wallets. Bandit targets Windows operating systems but may be designed to work on other platforms in the future.
Tiywepxb is ransomware belonging to the Snatch family. Our malware researchers discovered Tiywepxb while inspecting samples on the VirusTotal page. The purpose of Tiywepxb is to encrypt files. Also, it appends the ".tiywepxb" extension to the filenames of encrypted files and creates the "HOW TO RE
After our assessment, we have determined that unsoning[.]com employs a deceitful method, including presenting a fraudulent message to deceive visitors into subscribing to notifications. Furthermore, unsoning[.]com might redirect users to potentially dangerous websites. It is strongly recommended t
Webronadforyoudesign[.]com is the address of a rogue webpage that promotes browser notification spam and redirects visitors to other (likely untrustworthy/harmful) websites. We discovered this page during a routine investigation of suspicious sites. Most users access webpages like webronadforyoud
Our research team discovered the Plantastic Tab browser extension during a routine investigation of deceptive websites. It operates by modifying browser settings to promote (via redirects) the plantastictab.com fake search engine. Due to this behavior, Plantastic Tab is categorized as a browser hi
Theronadforyou24[.]com is a rogue webpage that we found during a routine inspection of questionable sites. This page is designed to promote spam browser notifications and redirect visitors to different (likely unreliable/dangerous) websites. Most users enter pages like theronadforyou24[.]com via
Museum Views Tab is a rogue browser extension that our research team discovered while inspecting suspicious websites. After analyzing this extension, we determined that it is a browser hijacker. Museum Views Tab makes alterations to browser settings in order to promote the museumviewstab.com illeg
While investigating suspicious sites, our research team found theowletnow[.]com rogue webpage. It operates by pushing browser notification spam and redirecting users to other (likely unreliable/hazardous) websites. Most visitors to theowletnow[.]com and sites akin to it – access them via redirect