Upon examining wersi[.]club, we concluded that it is a shady website with the aim of deceiving visitors into granting it permission to send notifications. Additionally, the website may redirect visitors to other questionable sites. We encountered wersi[.]club during an analysis of sites that use r
Ytmusichub[.]com is one of the many websites allowing users to download YouTube videos. However, downloading videos from YouTube is against the company's terms of service. Also, we found that ytmusichub[.]com users rogue advertising networks. Thus, it is advisable against using ytmusichub[.]com.
After investigating the bestdiscoveries.co website, we came to the conclusion that it is an unreliable search engine. We found bestdiscoveries.co after adding a suspicious browser extension. This extension promotes bestdiscoveries.co by hijacking the browser/altering its settings. The best
Microsoft OneNote malware – refers to malicious software distributed using trojanized OneNote (.one) files. The legitimate format documents are modified for malware proliferation by being embedded with virulent content, which triggers the malware's download/installation process when interacted wit
While checking out questionable websites, our research team discovered the notifpushnext[.]com rogue page. It operates by promoting spam browser notifications and redirecting visitors to other (likely unreliable or harmful) websites. Users typically enter webpages like notifpushnext[.]com through
While investigating browser hijackers, our researchers found the searchatwebs.com illegitimate search engine. These websites are typically promoted (through redirects) by browser-hijacking software that modifies browser settings. While most fake search engines cannot generate search results, sear
While investigating suspicious websites, our researchers discovered the snapinsta[.]io webpage. It is a YouTube converter, i.e., this site allows users to convert videos from said platform into download audio (MP3) files. This service breaks copyright laws. Snapinsta[.]io also uses rogue advertisi
Pcroomskill[.]com is a rogue website, practically identical to the downloaderfiles[.]cloud page. Our researchers discovered this site while investigating suspicious webpages. Pcroomskill[.]com is designed to promote dubious/harmful software and spam browser notifications. Furthermore, it is capabl
We investigated validityprotocol[.]com and found that it runs the "McAfee - Your PC is infected with 5 viruses!" scam. This site displays false messages to deceive visitors into thinking their computers are infected. The purpose of validityprotocol[.]com is to promote legitimate software.
Graphiron is an information stealer written in Go programming language. It is capable of extracting various information from the infected operating systems. It is known that cybercriminals behind Graphiron stealer target users in Ukraine. Graphiron is a dual-phase malware made up of a down