While inspecting findmebuy.com, our team found that it is a search engine that generates questionable results and shows advertisements. It is worth mentioning that search engines of this kind usually are promoted by browser hijackers that modify the browser's settings. Most users add browser hijac
Arazite is a piece of malicious software categorized as ransomware. This type of malware is designed to encrypt data and demand payment for decryption. After we executed a sample of Arazite on our test system, it began encrypting files and appended their filenames with the ".arazite" extension. F
After testing the Free Game Loop browser extension, we found that it is an advertising-supported application. This app generates revenue for its developer by displaying unwanted advertisements to users. Our team discovered Free Game Loop on a website offering to play the best card games online.
Our research team discovered the allprotectpc[.]com rogue page during a routine investigation of untrustworthy websites. It promotes scams, pushes browser notification spam, and redirects visitors to other (likely unreliable/malicious) sites. Users typically enter allprotectpc[.]com and similar w
Wanqu is the name of ransomware that encrypts and renames files (by appending the ".Wanqu" extension) and drops "RESTORE_FILES_INFO.txt" and "RESTORE_FILES_INFO.hta" files (ransom notes) on the desktop. Our team discovered Wanqu while inspecting malware samples submitted to the VirusTotal website.
While investigating new submissions to VirusTotal, our researchers found the AuroraShack application. After analyzing it, we determined that this app operates as adware (i.e., runs intrusive ad campaigns) and belongs to the AdLoad malware family. Adware stands for advertising-supported s
A new version of Android malware has emerged recently, targeting customers of Indian banks. Cybercriminals behind this campaign are using fake banking rewards applications to trick users into installing information-stealing malware with remote access trojan (RAT) capabilities. Their goal is to ste
While investigating untrustworthy sites, our researchers found the mscmart[.]com rogue page. It pushes spam browser notifications and redirects visitors to other (likely questionable/malicious) websites. Users typically enter mscmart[.]com and similar pages through redirects caused by websites usi
Pushyoumail[.]com is a rogue website that promotes browser notification spam and causes redirects to different (likely untrustworthy/malicious) sites. Our research team discovered this page during a routine investigation of suspicious websites. Users typically enter webpages of this kind via redir
While inspecting dubious webpages, our researchers discovered the service-2022[.]site rogue site. It operates by promoting scams, pushing browser notification spam, and redirecting visitors to other (likely untrustworthy/malicious) websites. Most users access pages like service-2022[.]site via re